Defense Contractors Are Looking for the Wrong Traits in Their CISO

by | Dec 28, 2020 | Critical Infrastructure, Insights

Threats to today’s defense industrial base (DIB) organizations exist in the digital landscape. That’s why a CISO is one of the most critical hires a defense contractor can make. While DFARS requirements and CMMC compliance are huge topics of conversation, cybersecurity leadership shouldn’t just possess technical expertise that’s honed to meet the letter of the law.

Instead, companies that want true cybersecurity effectiveness need to hire critical thinkers who can keep the organization one step ahead of threats that could hurt the business and national security.

What Kind of CISO Should Lead a DIB Contractor’s Cyber Risk Advisory?

Defense contractors that are hiring a new CISO need to assess the critical traits that demonstrate the ability to utilize adaptive risk management strategies and drive a cyber security program to the finish line. To do that, leadership should be on the lookout for these characteristics in the interview process:

  1. “T-shaped” skills that show depth in one core area and a breadth of knowledge across the industry.
  2. Creative problem solving around risks that are unique to your business.
  3. Understanding of real threats, not just compliance standards. This will make sure your cybersecurity budget is spent on tools and services that have a real impact.
  4. Eagerness to self-educate and understand the business from different perspectives.
  5. Finger on the pulse of what’s happening in cybersecurity technology and defense as a whole.
  6. Implementation experience that can drive ongoing initiatives to completion.
  7. Solution-oriented thinking that combines a variety of approaches. For example, some of the best cybersecurity initiatives have more to do with staff education than the latest tools.
  8. Adaptiveness in the face of new technologies, threats, and regulatory changes. Every CISO will confront challenges they’re not prepared for as risks evolve, so the ability to acknowledge those gaps will help organizations move faster.

Finally, be open to the possibility of working with an expert outside the cybersecurity field. Experience in risk management or national security can be an asset to the business, especially when their skills are complimented by a managed security services partner. After all, the risk variables may change from field to field, but the focus on eliminating threats remains the same.

Learn More: Cyber Risk Advisory and Vulnerability Management

Why Complacency Is Leaving the U.S. Electrical Grid at Risk

Why Complacency Is Leaving the U.S. Electrical Grid at Risk

On a list of the critical necessities for our country’s modern way of life, at the very top has to be electricity. Not only does it provide light, keep our food from spoiling and maintain a comfortable temperature in our living spaces, it powers the many screens with...

The Frontline is On Your Front Porch

The Frontline is On Your Front Porch

The battlefront of the digital world may be hidden, but it’s lurking right at our doorsteps. Cybersecurity affects each and every internet user – with more than 422 million individuals impacted by data compromises in the United States in 2022 alone. For the 16 sectors...

Share This