Strategic? Functional? Tactical? Which type of CISO are you?
“CISOs should and tend to lean into where they’re gifted,” says Jenai Marinkovic, vCISO and CTO with Tiro Security and a member of the Emerging Trends Working Group with the IT governance association ISACA.
Marinkovic believes her “gift is more in strategy infrastructure and understanding where the future is going to go, where the business is going to go, and then determining where the architecture needs to go.”
Like Gerchow, Steven Martano, IANS faculty and a partner in the cybersecurity practice at Artico Search, has seen what happens when a CISO and a role are mismatched. He cites the case of one company with a tactical, steady-state CISO that saw itself get outpaced by competitors with agile security programs led by transformational-type CISOs.
“That’s why it’s important for companies and CISOs to be honest with themselves of where they fit in with these roles,” Martano says.
