{"id":2037018,"date":"2024-11-20T10:49:16","date_gmt":"2024-11-20T15:49:16","guid":{"rendered":"https:\/\/securityboulevard.com\/?p=2037018"},"modified":"2024-11-21T09:19:55","modified_gmt":"2024-11-21T14:19:55","slug":"cisos-look-to-establish-additional-leadership-roles","status":"publish","type":"post","link":"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/","title":{"rendered":"CISOs Look to Establish Additional Leadership Roles"},"content":{"rendered":"<p>As cybersecurity challenges <a href=\"https:\/\/securityboulevard.com\/2024\/11\/the-ciso-evolution-from-tactical-defender-to-strategic-business-partner\/\" target=\"_blank\" rel=\"noopener\">grow in complexity<\/a>, chief information security officers (CISOs) are exploring new leadership roles to bolster their teams.<\/p>\n<p>According to an IANS and Artico <a href=\"https:\/\/www.iansresearch.com\/resources\/ians-leadership-organization-benchmark-report\" target=\"_blank\" rel=\"noopener\">survey<\/a> of more than 800 CISOs, roles such as business information security officers (BISOs), chiefs of staff and heads for privacy, program management and data protection are among the top positions being considered to support cybersecurity efforts.<\/p>\n<p>George Jones, CISO at Critical Start, noted operational maturity is a key factor when considering new leadership roles.<\/p>\n<p>He said without a mature cybersecurity program and the ability to determine how these roles will drive measurable impact \u2014 such as mitigating specific risks, improving compliance, or enhancing business-aligned security initiatives \u2014 it is challenging to justify the creation of specialized roles \u2014 even as CISOs themselves <a href=\"https:\/\/securityboulevard.com\/2024\/10\/cisos-concerned-over-growing-demands-of-role\/\" target=\"_blank\" rel=\"noopener\">feel increasingly overwhelmed<\/a>.<\/p>\n<p>\u201cHighly regulated industries, such as healthcare or financial services, or those with diverse business units or global operations, can benefit from leaders who can bridge security, privacy and data protection with specific business goals,\u201d he explained.<\/p>\n<p>Trey Ford, CISO at Bugcrowd, added that investing in executive leadership below the CISO can be driven by any combination of customer needs, regulatory overhead, business lines and technology stacks that diverge from the core business.<\/p>\n<p>\u201cIt may be to increase focus and execution in higher leverage organizations with excessive span of control, it is also to help contain and manage risk from the focus area,\u201d he explained.<\/p>\n<h3><strong>CISO Compensation Strategies<\/strong><\/h3>\n<p>The report also highlights significant disparities in security compensation across industries.<\/p>\n<p>Tech, financial services and consumer goods\/services <a href=\"https:\/\/securityboulevard.com\/2024\/10\/average-ciso-compensation-tops-500k\/\" target=\"_blank\" rel=\"noopener\">lead the pack in average pay<\/a>, reflecting the high demand for expertise in these sectors.<\/p>\n<p>Total compensation for top-performing functional cybersecurity leaders in the highest quartile starts at $345,000, while the average across all cyber leadership roles is $280,000.<\/p>\n<p>Ford explained security talent (especially leadership) does not map to classical IT and engineering compensation packages.<\/p>\n<p>\u201cCompanies are investing in experience, perspective &#8211; not just knowledge and raw competence,\u201d he said.<\/p>\n<p>He added that \u201cje ne sais quoi\u201d for security leadership is the ability to partner and influence outside direct reporting lines.<\/p>\n<p>\u201cThat includes the ability to speak multiple business and technical languages, and to foster ownership for outcomes aligning incentives,\u201d Ford said. \u201cIt&#8217;s not just financial, it&#8217;s a force multiplier impact.\u201d<\/p>\n<p>He explained that CISO recruiting benchmarks vary widely, and specialized security search firms have some of the best data on hiring and compensation trends.<\/p>\n<p>With the macroeconomic tension over the last couple of years, many companies have pulled recruiting and search back in-house &#8211; with varied impacts and learnings.<\/p>\n<p>\u201cI would encourage companies to partner with those specialized firms to find the right fit &#8211; not just a human that ticks a short list of boxes,\u201d Ford said.<\/p>\n<h3><strong>Professional Development, Cross-Functional Leadership<\/strong><\/h3>\n<p>Jones said while compensation is an important factor, organizations that invest in robust professional development programs, prioritize career progression, and offer clear growth opportunities can sometimes overcome this obstacle.<\/p>\n<p>\u201cAnother avenue is offering equity options, performance bonuses and non-financial perks, such as flexible work arrangements, wellness initiatives and workload management,\u201d he said.<\/p>\n<p>These strategies can differentiate an organization that may not have the same budget structure to attract top talent.<\/p>\n<p>He noted that highlighting an organization\u2019s purpose \u2014 such as securing critical infrastructure or public services \u2014 can also help set it apart.<\/p>\n<p>Jones recommended smaller organizations leverage cross-functional leadership roles, such as combining privacy and compliance oversight under a single leader and sharing responsibilities to drive efficiency.<\/p>\n<p>He noted that compliance-heavy industries can prioritize roles that drive business alignment or privacy under a BISO to have a higher impact at a lower cost.<\/p>\n<p>\u201cAdaptable leaders who can wear many hats often thrive in environments and organizations with a lean focus,\u201d Jones said.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to an IANS survey of more than 800 CISOs, roles such as business information security officers (BISOs), chiefs of staff and heads for privacy, program management and data protection are among the top positions being considered to support cybersecurity efforts.<\/p>\n","protected":false},"author":11289,"featured_media":1809249,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[20982,23406,21858,14098,14097,98631,99462,99461,13418],"tags":[13987,65999,92008,12303,12122],"class_list":["post-2037018","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ciso-suite","category-blogs","category-sb-featured","category-sb-news","category-sb","category-social-facebook","category-social-linkedin","category-social-x","category-sb-spotlight","tag-ciso","tag-compensation","tag-ians","tag-it-security","tag-recruiting"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v23.9 (Yoast SEO v23.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>CISOs Look to Establish Additional Leadership Roles - Security Boulevard<\/title>\n<meta name=\"description\" content=\"According to a survey of more than 800 CISOs, leadership roles are among the top positions being considered to support cybersecurity efforts.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CISOs Look to Establish Additional Leadership Roles\" \/>\n<meta property=\"og:description\" content=\"According to an IANS survey of more than 800 CISOs, roles such as business information security officers (BISOs), chiefs of staff and heads for privacy, program management and data protection are among the top positions being considered to support cybersecurity efforts.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Boulevard\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/groups\/24445075146\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-20T15:49:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-11-21T14:19:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2019\/05\/Leadership-Security.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"330\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Nathan Eddy\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@securityblvd\" \/>\n<meta name=\"twitter:site\" content=\"@securityblvd\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/\",\"url\":\"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/\",\"name\":\"CISOs Look to Establish Additional Leadership Roles - Security Boulevard\",\"isPartOf\":{\"@id\":\"https:\/\/securityboulevard.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2019\/05\/Leadership-Security.jpg\",\"datePublished\":\"2024-11-20T15:49:16+00:00\",\"dateModified\":\"2024-11-21T14:19:55+00:00\",\"author\":{\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/e12247bedb0e308eb583e34185a7c4d9\"},\"description\":\"According to a survey of more than 800 CISOs, leadership roles are among the top positions being considered to support cybersecurity efforts.\",\"breadcrumb\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/#primaryimage\",\"url\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2019\/05\/Leadership-Security.jpg\",\"contentUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2019\/05\/Leadership-Security.jpg\",\"width\":770,\"height\":330,\"caption\":\"CISOs, leadership, security third-party supply chainCISO role\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityboulevard.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\/\/securityboulevard.com\/category\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"CISOs Look to Establish Additional Leadership Roles\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityboulevard.com\/#website\",\"url\":\"https:\/\/securityboulevard.com\/\",\"name\":\"Security Boulevard\",\"description\":\"The Home of the Security Bloggers Network\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityboulevard.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/e12247bedb0e308eb583e34185a7c4d9\",\"name\":\"Nathan Eddy\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e6599346911a94e19de7d259040bf92d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e6599346911a94e19de7d259040bf92d?s=96&d=mm&r=g\",\"caption\":\"Nathan Eddy\"},\"description\":\"Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/nathan-eddy-3b31722\/\"],\"url\":\"https:\/\/securityboulevard.com\/author\/nathan-eddy\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"CISOs Look to Establish Additional Leadership Roles - Security Boulevard","description":"According to a survey of more than 800 CISOs, leadership roles are among the top positions being considered to support cybersecurity efforts.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/","og_locale":"en_US","og_type":"article","og_title":"CISOs Look to Establish Additional Leadership Roles","og_description":"According to an IANS survey of more than 800 CISOs, roles such as business information security officers (BISOs), chiefs of staff and heads for privacy, program management and data protection are among the top positions being considered to support cybersecurity efforts.","og_url":"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/","og_site_name":"Security Boulevard","article_publisher":"https:\/\/www.facebook.com\/groups\/24445075146\/","article_published_time":"2024-11-20T15:49:16+00:00","article_modified_time":"2024-11-21T14:19:55+00:00","og_image":[{"width":770,"height":330,"url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2019\/05\/Leadership-Security.jpg","type":"image\/jpeg"}],"author":"Nathan Eddy","twitter_card":"summary_large_image","twitter_creator":"@securityblvd","twitter_site":"@securityblvd","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/","url":"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/","name":"CISOs Look to Establish Additional Leadership Roles - Security Boulevard","isPartOf":{"@id":"https:\/\/securityboulevard.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/#primaryimage"},"image":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/#primaryimage"},"thumbnailUrl":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2019\/05\/Leadership-Security.jpg","datePublished":"2024-11-20T15:49:16+00:00","dateModified":"2024-11-21T14:19:55+00:00","author":{"@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/e12247bedb0e308eb583e34185a7c4d9"},"description":"According to a survey of more than 800 CISOs, leadership roles are among the top positions being considered to support cybersecurity efforts.","breadcrumb":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/#primaryimage","url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2019\/05\/Leadership-Security.jpg","contentUrl":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2019\/05\/Leadership-Security.jpg","width":770,"height":330,"caption":"CISOs, leadership, security third-party supply chainCISO role"},{"@type":"BreadcrumbList","@id":"https:\/\/securityboulevard.com\/2024\/11\/cisos-look-to-establish-additional-leadership-roles\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securityboulevard.com\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/securityboulevard.com\/category\/blogs\/"},{"@type":"ListItem","position":3,"name":"CISOs Look to Establish Additional Leadership Roles"}]},{"@type":"WebSite","@id":"https:\/\/securityboulevard.com\/#website","url":"https:\/\/securityboulevard.com\/","name":"Security Boulevard","description":"The Home of the Security Bloggers Network","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securityboulevard.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/e12247bedb0e308eb583e34185a7c4d9","name":"Nathan Eddy","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e6599346911a94e19de7d259040bf92d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e6599346911a94e19de7d259040bf92d?s=96&d=mm&r=g","caption":"Nathan Eddy"},"description":"Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.","sameAs":["https:\/\/www.linkedin.com\/in\/nathan-eddy-3b31722\/"],"url":"https:\/\/securityboulevard.com\/author\/nathan-eddy\/"}]}},"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2019\/05\/Leadership-Security.jpg","jetpack_shortlink":"https:\/\/wp.me\/p91vu9-8xV8","_links":{"self":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037018","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/users\/11289"}],"replies":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/comments?post=2037018"}],"version-history":[{"count":3,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037018\/revisions"}],"predecessor-version":[{"id":2037224,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037018\/revisions\/2037224"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/media\/1809249"}],"wp:attachment":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/media?parent=2037018"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/categories?post=2037018"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/tags?post=2037018"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}