Executive recruiter Bill Liguori helps many organizations find CISOs. What skills are these companies looking for today? "Our clients are asking for folks who can be business thinkers first, but have a good depth of technology, security and engineering behind them. Because without that business concept, they're not going to build something that continues to grow the organization."
The CISO's role has evolved much as the CIO role has changed, Liguori, a partner at executive search firm Leadership Capital Group, says in an interview with Information Security Media Group.
"The CIO function used to be seen as "back-office, purely cost-center, non-strategic," he notes. But today, "every business is a technology business. Every business relies heavily on technology to acquire new customers and service customers. ... And security becomes integral."
In the past, security was one of those functions that was about protecting assets and responding to all threats, the recruiter says. "Now, it's becoming something that's more focused on the core operational side of the business."
Common Characteristics
The CISO's role is similar across most industries, Liguori says. "There's a lot of commonality across the spectrum when it looks to security leaders," he says. "A little bit of it is dependent on the industry - some industries are more highly regulated than others ... But if you look at it at a broad, macro level, [organizations are looking for] security leaders to be able to translate the needs of the business and the organization."
And recruiting CISO candidates with the right combination of business and technical skills is challenging, he says.
"Security folks - the good ones - are really hard to find. ... Most organizations have a whole slew of security leaders. But when you start diving into ... how do you find the good ones, it's finding those who understand how to continue to drive the business."
In the interview (see audio player below photo), Liguori also discusses:
How successful CISOs are dealing with evolving cyber threats, such as ransomware attacks and major data breaches; How the healthcare sector compares with other industries when it comes to expertise sought in CISOs; Predictions on what will come next in the evolution of the CISO's role.Liguori is a co-founder and partner responsible for the healthcare, insurance, hospitality, media and professional services practices at Leadership Capital Group. Previously, he was a vice president at a London-based retained executive search firm and served in various leadership roles at the data aggregation software company Yodlee and at the IT services and consulting firm Sapient Corp.