Are you a CISO who doesn’t know jack? Here’s how to bridge your own skills gap

How can the 76% (including Labbé) fill the gaps in their business knowledge? And how can the remaining 24% of CISOs — those who came into the role from non-tech backgrounds such as the military, law enforcement, compliance, or risk management — fill key gaps in their technical knowledge? Upskilling isn’t just for cyber workers, it’s for CISOs themselves.

How CISOs can gain business skills

Once Labbé’s dearth of business knowledge dawned on him, he decided to pursue an MBA. Now just six months into the 18-month program, Labbé says studying business strategy, communication, finance, and conflict resolution is already helping him on the job as a CISO.

“I’m rewriting [security] policies now, based on my new understanding of organizational behavior. People are actually following them now, as opposed to before. And when I’m talking to a vendor, I understand their financial drivers, so I can come up with a better contract because I understand both sides better.”