The number of CISOs hired from another company is an astounding 64%, according to new research from Marlin Hawk.
The research shows that there isnâ€™t a good plan for keeping current CISOs happy, succession planning is nonexistent, and there seems to be a lack of hiring from within.
Some of the key findings from the report include that more than half of those interviewed (53%) have been in current roles for two years or less, which means they started a new job during the COVID-19 pandemic. Though the role of CISO has greatly changed, most do not have seats on Boards.
As the world emerges into a post-pandemic reality, the importance of a robust cybersecurity function has never been more apparent. In 2020, virtually all companies were exposed to multiple security challenges in the race to accommodate a remote workforce. In the face of these challenges and mounting fiscal pressure, the Chief Information Security Officer (CISO) emerged as one of the most resilient and dynamic members of the C-suite.
In addition to quantitative analysis, this report includes qualitative research gathered from semi-structured interviews focused on the short- and long-term impacts of the pandemic on the CISO role, perspectives on tenure and succession, the evolution of the cyber function, and board level impact.
James Larkin, Partner at Marlin Hawk added, â€œWe cannot go back in time and add to the graduating classes of the â€™80s, â€™90s, or â€™00s. If organizations want to bolster their cyber talent ranks, while maintaining the technical watermarks already set, then internal training, management rotations, accreditation and broader career experience have to be taken into account. Otherwise, we will see a continued supply shortage for another decade waiting for the next generation of leaders to arrive.â€
Marlin Hawkâ€™s second annual CISO report analyzed the profiles of the top 470 CISOs across North America, Europe, and Asia Pacific with a lens on the current environment. The data this research paper references is Marlin Hawk proprietary data, which surveyed 470 CISO (or equivalent) executives employed at businesses with 10,000 or more employees. This data comprises 300 North American businesses in Canada and the United States; 125 European businesses and 45 Asia Pacific businesses.
Read the full report by Marlin Hawk.