any companies nominally hiring CISOs seem to neither understand nor embrace the role and give it zero BSA (budget, staff and authority). Or they use the CISO in some purely technical capacity. Still others are hiring a CISO to check off compliance with some recently cemented regulation. Such a position amounts to someone hired to "sit on the bomb" so that when security inevitably blows up, there's a fall guy. Job candidates are left twisting in the wind, overqualified for the positions that are available, and unable to find leadership positions where they can effect the real changes necessary to protect stakeholders' interests.
By Scott Berinato at CSO.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.