Why Skilled CISOs are Hard to Find
If your company is having difficulty scouting for a competent CISO, it may give you a bit of consolation to know that you're not alone. These days CISOs with top-notch skills are becoming harder to find because to succeed they have to understand IT, cybersecurity and healthcare in considerable depth, according to Stephen Cobb, senior security researcher at ESET.
Another reason for the thinning number of skilled CISOs is the seeming low level of interest among students in pursuing a career in info security. As Cobb has noted in a recent interview with Healthcare IT News, many of the promising students he has encountered in ESET’s Cyber Boot Camp for high schoolers are considering a field such as robotics rather than infosec.
The good news is that CISOs in healthcare are getting better at their jobs. “Today’s CISO is defending more data on more devices in more places against more threats than ever before,” Cobb pointed out. “If CISOs were not constantly upping their game, there would be even more breaches than we are getting at the moment.”
Cobb has been involved in computer security research for 25 years. He advises companies, consumers, and government agencies on the protection of sensitive data and systems. With his long years of experience in the field, he is cognizant of the role that CISOs play, both in healthcare and other industries.
So what is the worst mistake he encounters?
“I hate to mangle a great line from a great movie, but ‘failure to communicate’ is probably the worst mistake a CISO can make,” Cobb said, in reference to Paul Newman's famous quip from Cool Hand Luke. “That’s because the allocation of resources to the cybersecurity effort depends on those who control resources fully understanding the risks inherent in the deployment of digital technologies.”
Naturally it follows that Cobb said the one trait that is absolutely necessary to succeeding as a CISO is above average communication skills.
“My research showed that CISOs tend to score higher in conscientiousness and openness and lower in neuroticism than the average cybersecurity worker,” Cobb said. “The same can also be said of cybersecurity workers versus other IT workers.”
Source: Healthcare IT News
Image Credit: Stephen Cobb
Published on : Mon, 20 Feb 2017