An average CISO Tenure is 17 months. This is why we brought up the burnout issue. Some of the factor are listed below:
CISO Role Expectations-
- Prevent any security risks in an enterprise (Superpower Expectation)
- Communicate & drive security in terms of business
- IT Security Infrastructure (Scale it from the present condition)
To secure the enterprise, the CISO must use tools/security products. Here's a challenge in itself. The number of IT Security Vendors and Products are ever increasing. It's not even robust, a single google search doesn't give much insight into the numbers of the same. This results in decision complexity increases many folds. As a community initiative we are taking steps to make this less challenging for you (For details send a mail at analyst@cisoplatform.com)
How complex can the decision become?
Technically if we consider the 'decision tree model' (often used in computational complexity), the function is directly proportional to the no. of factors/parameters affecting the decision making. This means, the larger number of vendors, the larger the complexity. And all this is often done in your brain-it's a challenge we probably don't comprehend everyday. But that's what a CISO or other Senior Security Officer's brain faces.
For more details on the computational tree models follow the reference link
Ref: https://en.wikipedia.org/wiki/Decision_tree_model
Challenges Faced By The CISO (Why they get fired/quit)-
- Bandwidth to evaluate security vendors
- Huge number of security vendors (e.g. Gartner had tracked 23 End Point Protection Vendors)
- Getting a team together with the deserved skills (security skills are way below demand)
- Difference of Opinion with CIO (the interests vary)
- Communicating security to the Board
- Single security dashboard for managing and tracking the various reports & incidents
How To Simplify The Selection Of Security Vendors?
The one place to search up all available options and their real life user experience could reduce the dimensions of decisions making to 2 instead of the earlier complex parameters. A robust view will allow for tremendous time saving and probabilistic right product selection. This is what FireCompass does-beta version of this is available. To add the manual expertise and experience, some of the best industry analysts from cisoplatform have agreed to guid the process.To request demo or user feedback mail at analyst@cisoplatform.com.
Why Fire Compass
It is a community initiative available in freemium model as well as premium.
- Maps all security vendors under all major security domains
- Holistic security landscape view
- Decision backed by experienced security analysts
- Security Benchmarking helping in Gap Analysis-CPSMM
References-
http://www.csoonline.com/article/3077243/it-careers/vendor-overload-adds-to-ciso-burnout.html
http://www.csoonline.com/article/3057243/security/these-cisos-explain-why-they-got-fired.html
http://www.computerweekly.com/news/2240103602/Too-many-products-spoil-security-management
Comments