I’ve spent the last few months interviewing CEOs, Non-Executive Directors, cyber chiefs and a range of other business leaders about the state of cyber security leadership on behalf of leading cyber security consulting firm, Savanti.
Writing alongside Savanti’s CEO, Richard Brinson, we describe what we have termed a ‘cyber security perfect storm’: growing threats and vulnerabilities, underinvestment, ill-equipped boards, poor hiring decisions and a tendency towards a ‘tear it up mentality’ among CISOs. Amazingly, the average cyber chief tenure is just 2.3 years and we calculate that the direct costs of a bad hire are at least £7.6 million.
The end result? Flux and instability – at precisely the moment we need strong, business-aligned cyber security leadership.
We outline the six key characteristics of business-aligned CISOs:
- Effective communication,
- Strong business acumen,
- A commitment to risk management,
- Change through influence,
- Evolution rather than revolution, and
- Enablement as well as protection of the business.
The cyber security leadership gap must be filled as a matter of urgent priority: it’s predicted that cybercrime globally will increase by 15% per year, reaching $10.5 trillion USD annually by 2025. If it were measured as a country, cybercrime would be the world’s third largest economy after the US and China. While nation states used to target other countries, their prime focus now is the private sector; and one in six of all those companies attacked in the past year said they almost went under as a result.
This is the first in Savanti’s series on the future of cyber security leadership. Forthcoming pieces will cover issues such as board governance of cyber security, creative approaches to closing the talent gap, nimble and pragmatic cyber risk management frameworks and a practical toolkit for business-aligned CISOs.
Read the Savanti insight here: Industry insight Series – Part 1 – Cyber Security Leadership Is Broken
If you’d like to join the debate, share our Insight on LinkedIn and email us your comments at email@example.com