Philip Cao


Archetypes of the Modern CISO


As described in part one of this series, the role of the modern CISO has changed significantly over the past few years. CISOs have higher visibility and accountability than ever before, which has moved them from back-of-the-house operations into a key public-facing role.

This changing dynamic requires new attributes for successful CISOs in terms of competencies, experience, traits, and drivers. Among other things, CISOs need to be strategic, outside-the-box thinkers with deep technical experience who are also flexible, learning-agile, intellectually curious and action-oriented, and who act as agents of change and seek roles that have high levels of visibility and accountability.


My colleague at Korn Ferry, Aileen Alexander, and Paul Calatayud from Palo Alto Networks have both used the word “Herculean” to characterize the complete slate of tasks required to succeed as a CISO today, and that is certainly an apt description. We have also defined three emerging archetypes of backgrounds for today’s—and tomorrow’s—cybersecurity leaders:

1. The techie-turned-executive. This is the most common background, with about half of information security leaders fitting into this category. Korn Ferry describes this individual as a technical master who works with the CIO, has a hands-on approach during a crisis and is a driver of enterprise security architecture. Increasingly, even if these individuals come up through the traditional technology ranks, they are required to broaden their approach and look beyond technology and more closely at the corporation, its people, customers and suppliers.

2. The enterprise security and risk-focused leader. This individual is a “big picture” leader who aligns information security with corporate business strategy and transforms the security function to meet the environment. These leaders are emerging in the financial services industry, where issues around sensitive information and compliance have forced cybersecurity functions to be more highly focused on risk management. In fact, Korn Ferry has also found that the financial services sector is where CISOs are more frequently shifting to report to the chief risk officer instead of the CIO.

3. The Washington/cyber and physical security blend leader. This is a mission-driven leader who understands macro geopolitical and threat trends. This person has access to intelligence due to relationships and credibility. While less technical, he or she is able to “connect the dots” across security silos and is “Washington” savvy on a regulatory front. Again, these leaders are emerging in financial services, for much the same reasons those organizations are also turning to leaders focused on enterprise security and risk.

While these archetypes will continue to define most CISOs, because of digitization and evolving cyber risks, new responsibilities and priorities are emerging that impact the scope of the CISO role, regardless of their background. The CISO is inevitably becoming a crucial part of the executive team, and the roles and responsibilities of the information security team are growing as well. What does that mean for the next generation of CISOs? See part three of our series next week, the Top 5 Priorities of The CISO of Tomorrow.

View the full report that outlines what’s ahead for CISO leaders.



Copyright © 2006-2022 Philip Hung Cao. All rights reserved