Chief Information Security Officer
CISO Career Resource Guide

What prepares someone for the career path that leads to a role as a Chief Information Security Officer? There is no simple answer to this question.

Today the role of Chief Information Security Officer demands the skills of a senior business executive, technology professional, and effective manager. As a result, CISOs have broader areas of responsibility and spheres of influence, including IT risk management, security policy development, corporate governance, and regulatory compliance.

Someone contemplating the role of CISO should have several years of experience and a solid understanding of business continuity planning, auditing, and risk management, as well as contract and vendor negotiation in the IT field. It is important that a CISO have a strong working knowledge of industry and government regulations, laws, and the law enforcement community.

Beyond career experience, what formal and technical education is necessary to be a successful CISO? Although few universities offer undergraduate and graduate degree programs in information security, there is no single academic degree program that prepares someone to become a CISO.

The U.S. National Security Agency (NSA) has designated a select group of universities as The National Centers of Academic Excellence in Information Assurance Education.

This may be a good starting list of universities for you to explore if you are considering formal education programs with concentrations in information security.

In terms of continuing education, there are a few professional information security certifications that are worth considering. The International Information Systems Security Certification Consortium is the organization that administers the Certified Information Systems Security Professional (CISSP) certification, one of the premier certifications for information security professionals. Another valuable professional certification is the CISA (Certified Information Systems Auditor). The CISA is the Information Systems Audit and Control Association's (ISACA) cornerstone certification. Since 1978, the CISA exam has measured excellence in IS auditing, control and security. The CISA certification has been earned by more than 48,000 professionals since inception and has grown to be a globally recognized symbol of achievement.

Education, experience, and professional certification are all necessary foundations for anyone considering a career as a CISO. Being a successful CISO will require mastery of skills, knowledge, education, and, most importantly, being an effective business leader.

Copyright © 2006 The CSO Board LLC
This career resource guide is published as a public service announcement (PSA), free of charge, to the online community by Jaime Chanaga, CISSP, CISA and his firm The CSO Board LLC. This publication contains the opinions and ideas of its author and is designed to provide useful advice and formats to the reader on the subject matter covered. Any references to products or services in that pursuit do not constitute or imply an endorsement or recommendation. The publisher and author specifically disclaim any responsibility for any liability, loss, or risk (financial, personal, or otherwise) which may be claimed or incurred as a consequence, directly or indirectly, of the use and/or application of any of the contents of this publication. The publisher does not attest to the validity, accuracy, or completeness of this information. Use of a term in this publication should not be regarded as affecting validity of any trademark or service mark.