Career Spotlight: What’s a Chief Information Security Officer?


As the importance of cybersecurity is becoming increasingly apparent to major corporations and other organizations, IT professionals have been edging their way into the C-suite. One example is chief information security officer (CISO)—a position that many corporations have embraced in an effort to modernize their organizations and take on the challenges of the 21st century. Could a C-suite position be in your future?

The History of the CISO

Steve Katz is widely recognized as the world’s first chief information security officer. Katz began his career in cybersecurity consulting before cybersecurity was a buzzword. In the 1970s, he and his colleagues worked with FORTRAN and COBOL programs. During the next few decades, Katz’s job responsibilities continued to evolve as PCs were introduced, and he climbed higher on the corporate ladder to eventually become the CISO of Citibank. In 1994, the importance of cybersecurity hit home to the corporation when there was a massive data breach in the international funds transfer system. In response, Katz was named as the CISO of the world’s first cybersecurity executive office. Today’s CISOs don’t have quite the uphill battle that Katz faced, as modern CEOs and CFOs understand all too well the damage a data breach can cause and the importance of strong cybersecurity measures.

Core Job Responsibilities of the CISO

Every organization has unique needs and business processes. At some corporations, the CISO is given free rein. At others, the CISO has somewhat less creative discretion. However, all CISOs have considerable decision-making powers. Some of the core responsibilities of the typical CISO include the following:

  • Recruit, hire and lead a team of information technology experts
  • Develop a strategic plan regarding the formulation of cybersecurity programs and measures
  • Oversee the creation of and compliance with the organization’s security policies, procedures and standards
  • Develop comprehensive risk assessments based on audits of existing tech systems
  • Stay alert to new cybersecurity threats and evolving infrastructures

In addition, a savvy CISO will remain mindful of the importance of continuing education and professional development. He or she will spearhead efforts to connect the IT staff to training programs. The CISO may also design and implement cybersecurity education training programs designed for the average (non-IT) employee at the company or for the consumers the company serves. In short, a typical CISO’s day is divided between technical duties and non-technical leadership responsibilities.

The Future of the CISO Role

Just by taking a quick look at Steve Katz’s career as the first CISO, it’s easy to see how rapidly this managerial position has evolved over time. It’s expected that, like cybersecurity itself, the role of the CISO will continue to be redefined and fine-tuned during the coming years and decades. One anticipated trend is the need to define an overarching, long-term cybersecurity strategy for each organization, rather than allowing a company’s information security program to be immediately affected by each new headline about data breaches. Future CISOs will need to be visionaries who provide strong leadership to keep the company steady even in the midst of temporary cybersecurity setbacks.

Grand Canyon University is a leader in cutting-edge tech degree programs. When you earn your Master of Science in Cybersecurity from the College of Science, Engineering and Technology, you will be better prepared to pursue high-level leadership positions within the cybersecurity realm.

The views and opinions expressed in this article are those of the author and do not necessarily reflect the official policy or position of Grand Canyon University. Any sources cited were accurate as of the publish date.