Defense Contractors Are Looking for the Wrong Traits in Their CISO
Threats to today’s defense industrial base (DIB) organizations exist in the digital landscape. That’s why a CISO is one of the most critical hires a defense contractor can make. While DFARS requirements and CMMC compliance are huge topics of conversation, cybersecurity leadership shouldn’t just possess technical expertise that’s honed to meet the letter of the law.
Instead, companies that want true cybersecurity effectiveness need to hire critical thinkers who can keep the organization one step ahead of threats that could hurt the business and national security.
What Kind of CISO Should Lead a DIB Contractor’s Cyber Risk Advisory?
Defense contractors that are hiring a new CISO need to assess the critical traits that demonstrate the ability to utilize adaptive risk management strategies and drive a cyber security program to the finish line. To do that, leadership should be on the lookout for these characteristics in the interview process:
- “T-shaped” skills that show depth in one core area and a breadth of knowledge across the industry.
- Creative problem solving around risks that are unique to your business.
- Understanding of real threats, not just compliance standards. This will make sure your cybersecurity budget is spent on tools and services that have a real impact.
- Eagerness to self-educate and understand the business from different perspectives.
- Finger on the pulse of what’s happening in cybersecurity technology and defense as a whole.
- Implementation experience that can drive ongoing initiatives to completion.
- Solution-oriented thinking that combines a variety of approaches. For example, some of the best cybersecurity initiatives have more to do with staff education than the latest tools.
- Adaptiveness in the face of new technologies, threats, and regulatory changes. Every CISO will confront challenges they’re not prepared for as risks evolve, so the ability to acknowledge those gaps will help organizations move faster.
Finally, be open to the possibility of working with an expert outside the cybersecurity field. Experience in risk management or national security can be an asset to the business, especially when their skills are complimented by a managed security services partner. After all, the risk variables may change from field to field, but the focus on eliminating threats remains the same.
Learn More: Cyber Risk Advisory and Vulnerability Management
War is no longer fought only on a battlefield. It happens everywhere at any moment in the devices we carry around in our back pockets and on our wrists. Cybersecurity was unheard of until 50 years ago—years before personal computers became commonplace. Now, with...
One of the internet’s greatest strengths in business, the ability to share information internally and externally, has turned into one of its biggest liabilities as cybercriminals around the globe relentlessly attack security vulnerabilities of third-party vendor...
On a list of the critical necessities for our country’s modern way of life, at the very top has to be electricity. Not only does it provide light, keep our food from spoiling and maintain a comfortable temperature in our living spaces, it powers the many screens with...