Which CISO skills one should perfect is a matter of opinion, and CHECS’s 2014 higher ed CISO study revealed some of those opinions.
CISOs tagged information technology (IT) security best practices knowledge as their go-to skill, listing communication, leadership and relationship building among their top four.
But if higher ed chief information officers have a voice in the matter, they think leadership and relationship building skills should be lower on the priority list, replaced by technical knowledge and IT legal and policy expertise. CISO opinions about necessary skills mirror industry literature.
While CIOs placed technical knowledge high on their list of top CISO skills, by way of comparison, CIOs also believe they need technical skills in their own jobs. On the other hand, while CIOs named leadership as a top skill for their own career field, they did not feel that CISOs needed it, instead placing IT forensics, computer networks, and interpersonal skills above leadership. Both groups agree that communication is an essential skill – for both positions.
The differing opinions may not seem like an issue. However, considering that three-fourths of CISOs report to the CIO, and CIOs may have a hand in writing the job description and hiring, their opinions may have an influence on the skills CISOs hone. As the role matures in higher ed, what is important may change as well as whose opinion matters the most.