How CISOs Undersell Their Skills And What They Should Do About It


As the job responsibilities of many CISOs have significantly transformed, they should showcase more of their executive expertise in their resumes instead of only focusing on technical prowess.

The job responsibilities of CISOs have significantly evolved, especially since the pandemic. To survive in this environment, they need not only IT security expertise but also leadership and executive abilities. When seeking new job opportunities, CISOs should include points that showcase their security leadership contributions to their organizations, which could include events, activities, and accomplishments. They should lead with those ideas instead of the technical skills and detailed security work often seen in CISOs' resumes. Recruiters and executive advisors emphasize that candidates for CISO positions should design their resumes to showcase their leadership capabilities and not their technical credentials. Clearly, the message is not getting through: many security professionals still haven't embraced that change and, as a result, are still guilty of submitting low-quality resumes. Below are some common mistakes that recruiters, CISOs and executive advisors state that candidates still make:


Not showcasing executive abilities

According to Gartner's CISO effectiveness Index report, the most effective CISOs demonstrate five key behaviors. They don't shy away from discussing evolving security norms, have a formal and actionable succession plan in place, prioritize updating decision-makers about their present and future risks, collaborate with their C-suite and other senior leaders, and proactively engage in securing emerging technologies. However, when applying for leadership positions, many CISO candidates leave out information that demonstrates their ability to formulate a vision for their enterprise, develop a strategy, and manage risk, which reduces their chances of success. Therefore, CISOs should develop the ability to communicate security in terms of fighting business risk, and they should be able to portray that ability on their resume.

Not showcasing achievements

According to industry experts, many CISOs tend not to include information that showcases what they have accomplished in their current and previous jobs. They also leave out details about their prior organizations and the size and scope of their responsibilities, the size of the team they managed and the budgets they had. Instead of stating that they helped to mature an organization's security programs, CISOs should provide details on where and how their contributions to those organizations had an impact and drove security maturity.


Only showcasing technical details

Even though most CISOs should have executive skills as well as a track record of delivering value to their enterprises, they should also understand the technological infrastructure they're in charge of securing. However, that doesn't mean they should convey their technical expertise using technical jargon, buzzwords and abbreviations. Anyone other than a fellow security leader, such as a CEO or board member, would find it difficult to evaluate a CISO resume that includes too much technical jargon.

CISO candidates should put technical skills and accomplishments in a business context. Therefore, they should craft more business-focused resumes and talk about the impact that their IT security expertise will have on the business of the hiring organization.
