CISO at the C-Suite
Click here to view
Click here to view
techUK’s newly launched The CISO at the C-Suite report tackles the key question of how the Chief Information Security Officer role should engage at C-Suite and Board Level, leveraging influence to ensure cyber security is seen as an enabler of the rapid digital transformation that all organisations have seen throughout 2020.
As cyber security increasingly underpins and enables business growth across all sectors, and enables the Fourth Industrial Revolution to gather pace, the CISO function must seek to educate, garner and leverage support from the C-Suite and Board levels to drive change across their organisations.
"Boards drive the business agenda, so changing the narrative to Cyber Security as an enabler of everything the organisation does will filter down through the organisation. As we continue to see rapid digital transformation across all sectors, technology decisions are best examined with a view of the cyber security impact and driving competitive advantage. In the largest organisations the CISO function is at the heart of this."
Jacqueline de Rojas
techUK
Our report makes five recommendations to enable the CISO to add differentiated value and to create a strong foundation of cyber security knowledge across the business:
Driving good cyber security practices into the wider organisation is a cultural change, and one that can be difficult to make across corporate silos. techUK’s report highlights the need for the CISO to foster collaborative relationships with the C-Suite and Board levels in order to support that change across the business. Cyber security is increasingly an enabler of all functions across all organisations because it allows growth by protecting the business: it is not simply a risk to be managed. The CISO must sit at the heart of an organisation, and the success of any individual in the role relies on them being suitably positioned, supported, and enabled.
However, enabling the CISO role is only the start of the journey. Our report argues that we still focus only on technical expertise and experience as being necessary traits for a CISO and, while this is important, it’s not the requirement and capability which will engage, lead and drive change across a business through the digital age.
This report is the first in the wider techUK Cyber People Series, which will be exploring how people can be the strongest element of the UK’s cyber defences. The aim of these reports is not to be prescriptive but to support organisations and stakeholders in making the right decisions, highlighting best practice across UK sectors, and sharing insight from industry leaders across a range of topics. This first document intentionally starts at the top of the tree in terms of cyber defenders – the role of the CISO, and the CISO function, in the largest organisations.
Future reports in this important series will examine the CISO function more broadly, including implications for medium and small businesses. The next one will explore what the role of the 2021 CISO function should look like, and how they can leverage the support detailed in The CISO at the C-Suite to accelerate transformation.
You can find the full report here.
**Coming soon** The CISO at the C-Suite PODCAST with report contributors Jean-Christophe Gaillard and Jason Tooley.
Programme Head, Cyber and National Security, techUK
Programme Head, Cyber and National Security, techUK
Dan joined techUK in August 2017 as the Programme Manager for Defence and Cyber.
Before joining techUK he worked as Forum Lead for the Westminster eForum. In this role he led a programme of conferences in the technology and telecoms space, on issues ranging from Broadband and Mobile Infrastructure, the Internet of Things, Cyber Security, Data and Women in Tech.
Dan has a BA in History from the University of Liverpool.
Programme Manager, Cyber Security & Central Government, techUK
Programme Manager, Cyber Security & Central Government, techUK
Jill is techUK’s Programme Manager for Cyber Security and Central Government, supporting the work of both programme teams and promoting better engagement between the public and tech sectors.
Prior to joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
With an MA(Hons) in American Studies from the University of Edinburgh, Jill continues to be fascinated by the history and politics of the USA. Otherwise, outside of work, she can be found up a hill, swimming in a loch or curled up with a good book.
Programme Manager, Defence and Cyber Security, techUK
Programme Manager, Defence and Cyber Security, techUK
Sam is the Programme Manager for Defence and Cyber Security at techUK.
Prior to joining techUK, Sam worked as an Account Executive for a small lobbying agency in Westminster where he briefed politicians in Westminster and Local Authorities on housing and energy issues and wrote policy briefs.
Sam holds a BA (Hons) Degree from the Department of War Studies at King’s College London where he focused on the implications of Cyber War and an MPhil in International Relations & Politics from the University of Cambridge.