What is The Career Path For a CISO in 2021? 

How to Start a Career in Cybersecurity

In today’s episode of Life of a CISO, Dr. Eric Cole answers the question, how does one actually become a CISO?

Many technical cybersecurity professionals think that by working hard and long enough on the technical path, they deserve to be a CISO.

There’s nothing wrong with being a world-class security expert, but becoming a CISO is a different career path.

Listen to this episode to better understand the difference in these two career paths.

In this episode:

  • 0:11 What is the career path for a CISO
  • 0:33 A CISO needs 2 skills: A business and cybersecurity skillset
  • 1:00 An example of these 2 skillsets
  • 3:01 Switching hats
  • 3:51 Notice the difference
  • 4:36 Both sides are fighting, you’re a translator and marriage counselor
  • 6:52 If you think a CISO doesn’t need to know it, you’re not cut out to be a CISO (right now)
  • 8:23 You aren’t creating financials, you just need to understand them
  • 9:12 You need to understand technical language and communicate it
  • 9:41 The three categories of CISOs
  • 11:40 A story about a C-Suite and the CISO
  • 14:19 “What do the executives want to get out of that meeting?”
  • 16:04 Do you really want to be a CISO?
  • 19:54 Assuming you want to be a CISO, most people have a security background, not a business background
  • 22:04 How to nail the interview
  • 25:37 How to move up within your current company
  • 26:45 Keep asking until you get a yes
  • 28:23 Why ask people for advice in positions you don’t want to have?
  • 29:03 First, honest assessment of where you are in business and security
  • 29:40 The two options to go from one to another
  • 30:01 Start within your own company
  • 32:49 You can’t be afraid of the word “no”