The modern-day CISO: Toughest job in the world

Did you know that cybersecurity leaders such as CISOs have one of the toughest jobs in the world?

I didn't either, until I started writing about cybersecurity a couple of years back.

Heavy burden

Turns out that Chief Information Security Officers (CISO) have much on their plates:

• Cyberattacks are coming from all directions.
• Limited (and sometimes shrinking) resources.
• High stakes mean they can rarely disconnect.
• Digitalisation opening up new attack surfaces.

And even when everything is done correctly, there's black swan events such as last week's massive CrowdStrike crash that demands a review of old decisions and assumptions.

A lonely journey

No wonder CISOs are suffering occupational burnout at record rates, according to some studies.

One of the most memorable interviews I did recently was with Angel Redoble, who I spoke to when he was group CISO at PLDT earlier this year.

He told me:

“You must accept that this job is difficult. If you just want to be a CISO because of the monetary rewards or [some glamorous stories] that you heard from someone, then that's not a good motivation to be one.”

Angel's observations:

• Attackers are no longer college hackers, petty criminals.
• But organised cyber attackers from crime groups.
• Then there's state actors with vast resources.

Going the distance

Ironically, it used to be the Board don't understand the importance of cybersecurity. It's no longer the case.

Today, CISOs can expect the Board to breathe down their necks and perhaps even question their decisions, given how crucial cybersecurity has become.

But back to the question of stress.

If you are a security leader, whether team leader or CISO, how do you encourage your team and ensure they have the support they need to manage stress effectively?

Read the full story on GovWare here.