I was speaking last week with Jacqui Loustau (founder of the AWSN and the most connected security person I know) about the challenges of recruiting Heads of Information Security who have ‘done the role before’. We chatted about the pool of people who are willing to move into Heads-of roles and those who are experienced enough to meet the requirements of a hiring company. It got me thinking about one of my early blogs “an alternative path to security leadership” and the ‘what’s in it for me’ for those being encouraged into Heads-of positions. So, with consideration, here are 5 great reasons to take on a role as Head of Information Security (insert other senior security leadership role as you see fit…)
1. Being a Head of Information Security can be a great stepping stone to a CISO role (and vice versa) or CIO position given your knowledge across all aspects of IT. You are likely to have been involved in IT operations as well as having built a strategy that crosses IT and the business – experiences that not all c-level candidates can exhibit.
2. Being a Head of Information Security is a great pitstop enroute to the Board having spent your days practicing good governance and being exposed to risk management, both technical and business.
3. Travel. Need I say more. Experienced Heads of Information Security are highly sought after globally as up-and-coming CISO’s and subject matter experts. The opportunities for work in all corners of the globe in senior roles can definetly be realised (if you’re up for the challenges of expat life…but as always…that’s another blog for another day).
4. Not only can you move countries but you can move industries. Skills needed by Heads of Information Security are transferrable across industry from banking to utilities to FMCG and digital. Security Leaders can soak in the risk profile of a new industry and surround themselves with subject matter experts in order to successfully protect a new-found area of interest.
5. Finally, and possibly most importantly, you can leave a legacy by way of a groomed successor – having nurtured skills in your direct reports to help create experienced, seasoned Heads of Information (and Cyber) Security for the future. Mentoring and coaching the next generation of security professionals to be influential, communicate effectively and leverage the value of relationships is key to there being enough experienced future Heads-of to go around who have ‘done it before’.
With that said, there are many other benefits to leading a security function – including being able to work with some very talented people who are committed to the greater good. If you’re interested in a career as a Head of Information Security or indeed as a CISO, acquiring the skills needed to realise this dream can be a challenge. Most organisations will expect that you can build a strategy, influence demanding stakeholders and inspire the workforce to join the security journey – which is no mean feat. But despite the challenges, with this pivotal role offering so many benefits, who wouldn’t want to pursue the path to being a senior information security leader and beyond?