Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Hiring a CISO: The evolving role of your security executive

By Karen Turrini, Douglas Gladstone
The Uncharted Path for New Security Leaders
August 6, 2020

Before COVID, cybersecurity was a concern for businesses everywhere. In fact, in Microsoft’s 2019 Global Risk Perception Survey, 57 percent of companies ranked cybersecurity as a higher risk than economic uncertainty and brand reputation or damage. 

As COVID continues on, cybersecurity risks remain high. In April 2020, the World Health Organization saw a fivefold increase in cyberattacks on its staff and organization, and by the end of March 2020, Microsoft reports that every country in the world had seen at least one COVID-19 themed attack.

Looking ahead, what does all of this mean for the role of the Chief Information Security Officer (CISO)? Not only is it more important than ever before — with 61 percent of companies having someone in the role of a CISO — but the role has shifted since the start of COVID.  According to Douglas Gladstone, Comhar Partners Managing Director, “The role of the CISO has greatly shifted to focus more efforts on remote work and business continuity. With an influx of more remote cyber threats, we will likely see an increased need for security training and more emphasis on supporting help-desk staff in providing virtual security assistance. To better manage continuity, a focus on patching remote systems via VPNs will likely take precedence.”

If you’re among the 39 percent of companies without a CISO, it’s time to consider who can best fill this role for your organization. With the workforce going remote, more attacks on the rise, and the need to evolve company technology in order to stay competitive, the person in this role must be able to manage a unique set of security challenges. 

Consider the skills today’s CISO needs to find the best candidate for your company. 

 

Securing the remote workplace

The vitality of the CISO function has become more apparent for nearly every business as they shift to remote, which brings its own set of security challenges. No longer does risk need to be contained within the four walls of the office. Now the CISO must secure employee devices and accounts across the country or even around the world. 

As such, the person in this role needs to be familiar with developing and updating policies and procedures company-wide, along with applying them and tracking success. They also need to understand the landscape of tools like VPNs and Network Access Control and be able to implement them successfully to ensure the company is never at risk. 

More importantly, they need the team to continually manage the various tools, policies and measures put in place. This is why hiring a CISO who can take the lead with hiring in-house employees or an outsourced support team to manage new risks as they arise is critical. 

“Security solutions are extremely crucial especially for the remote workforces,” says Karen Turrini, Comhar Partners Managing Director. “In addition to sophisticated security breaches, simple malware is detected often as a result of the remote workers. It’s estimated that the remote workforce will continue with 50 percent remote and 50 percent in corporate offices when this pandemic subsides. Companies will demand CISO expertise more than ever.”

A successful CISO will be incredibly tech-savvy and adaptable. Someone in this role needs to be able to work around the complications and additional security concerns surrounding the ever-increasing remote workforce. 

 

Maintaining cybersecurity as a cultural mindset

The job of a CISO isn’t just to make sure the company is secure and the IT team is doing what it needs to. With 90 percent of data breaches caused by human error, a critical part of this role is developing a culture of security and nurturing this among the entire company, from their IT team to sales, marketing, HR and operations. 

The CISO needs to share their knowledge of security with the whole team, and make sure it’s accessible and easily understood by all team members—not just those proficient in security and IT. For example, the person in this role might implement strong password policies company-wide and develop ongoing and engaging cybersecurity training. 

Employees are one of the biggest risks for organizations, so tasks like educating team members about phishing and ensuring everyone is using two-factor authentication are key elements of the modern CISO.  

Additionally, there should be open communication with all departments so that employees feel comfortable reporting threats as soon as they arise. The whole team needs to be able to work together in conjunction with IT and the security team to build a resilient and secure organization. 

 

Enabling competitive advantages

The role of the CISO is to be a security expert as the company evolves. As Justin Somaini, Chief Security Officer of SAP, says, “Digital technologies and connectivity have infused every aspect of the business. This elevates risk, but it also elevates the value and importance of the cybersecurity function. The CISO increasingly has a seat in the executive suite because security is no longer just about risk; it’s also about competitive differentiation.”

Security isn’t just about keeping your company safe. Now, it’s about securing the product that you offer, along with customer data, paywall information, and much more. As the role of technology in business expands, so does the role of the CISO. 

Looking at 2020 and COVID, however, it’s becoming even more challenging for the CISO to enable this competitive advantage while maintaining security. As Jack Mannino, CEO at nVisium, explains to Security Magazine, “The challenge for many organizations is continuing to accomplish their security must-dos with significantly fewer resources. Relying on a pool of trusted security partners is critical, as niche skills or deep expertise may come from external sources when internal headcount is constrained.”

This is why the role of the CISO cannot be underestimated. Despite a lack of resources, their authority, experience and expertise can keep the organization safe as they expand in an uncertain world. 

 

The evolving role of the CISO

The CISO is more critical now than ever before. Companies need to not only maintain normal security measures, but they also need to secure a remote workforce, nurture a security-minded company culture and leverage the CISO’s expertise as the company evolves. The right person in this role will be able to keep the company and its customers safe, which in turn affects every other area of the business. This makes the CISO a key role for every organization to consider as they expand into the “new normal” and manage the risks that come with it.

 

This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security Magazine. Subscribe here.

KEYWORDS: Chief Information Security Officer (CISO) COVID-19 cyber security information security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Karen turrini
Karen Turrini is a Managing Director at Comhar Partners based in San Francisco,California. Karen brings 25+ years’ experience in retained search and delivers upon exceptional customer and candidate experience staying in constant communication with all parties to ensure a successful result. Karen specializes in senior-level executive search assignments in the technology arena with a concentration on expanding high growth businesses specifically Consumer Internet, Enterprise and Security Software, Digital Media, Data Analytics, Infrastructure and Mobile. Karen places C-level, Vice President and other senior-level executives with an emphasis on Chief Executive Officer, Chief Operating Officer, Marketing, Sales, Product, Finance and Human Resources. Prior to joining Comhar Partners, Karen was the president of Turrini Associates for 18 years, specializing in Sales/Marketing executive positions within the technology sector. Previously, Karen was a partner at Kingsley Gate providing services to Fortune 500 companies. Karen helps lead the Technology Services-North America/Latin America Industry Practice Group, as well as the Chief Financial Officer and Marketing and Sales Functional Groups. She has earned a Bachelor’s Degree from University of the Pacific.
 
 
Douglas glastone

Douglas Gladstone is a Managing Director at Comhar Partners based in San Francisco.  He has over 16 years of executive search experience within the Technology, Financial Services and Industrial Industries. He specializes in recruiting senior management and C-level executives for clients including small, niche firms, Fortune 1000 enterprises, venture and private equity sponsored companies. Doug brings dedicated expertise in SaaS, FinTech, Cloud, Cyber Security, IoT, AI, Machine Learning, Mobile, Semiconductor, Digital Transformation and Consumer Electronics. Prior to joining Comhar Partners, Doug was a Partner with Odgers Berndtson and owner of Gladstone Search where he built numerous executive teams for his clients and served as a member of the firms Technology, Board and CFO practices. Before his career in executive search, Doug served as the former CFO of America Online Music and the leader of PricewaterhouseCoopers’ Financial Operations Advisory Group. Doug received his MBA and BS of Finance from Virginia Tech University and currently resides in the Bay Area.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • hybrid-work-security-fp1170x658.jpg

    How the role of CISO is evolving due to hybrid and remote work

    See More
  • Boardroom

    The critical role of a CISO means advocating for cybersecurity

    See More
  • identity management freepik

    The evolving role of user experience in security

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing