Yet CISOs do bounce back - even after multiple firings, illustrating the demand for these professionals.
One CISO was reemployed a month after his first dismissal, and six months after his second. To illustrate the point that good security chiefs are hard to find, he picked up a ‘CISO of the year’ award at a well-known awards ceremony during this time.
This is by no means unique. After its data breach last year, TalkTalk allegedly fired two of its senior security staff, both of whom now hold similar positions at high-profile financial services companies.
Experts say that CISOs looking to improve in their roles and further their career should network with peers to learn more, upskill where possible, and to hire good people around them.
In a recent piece for CSO, Tom Bell suggests finding a mentor, learning how the business works (including every department), working closely with the CIO, and not being afraid of asking for help. Palmer agrees, but goes further.
“The best career development for me is to do what I do better. Security practitioners should never stop learning. Find team members who are better than you or develop them until they are better than you. Make sure they have good challenges and be open to debate to so they will challenge you and make you better. Keep finding better ways to listen and communicate. Doing things outside work helps too.
“Anything that helps give you a broader perspective on life is good, particularly if it involves looking at security differently, solving complex problems, communication skills, or making organizations work.”
Thacker adds: “Work with your CISO peers. The industry is thriving with people who have experience and are willing to help others. Communities exist where discussions on good security strategy and both wins and fails can be shared.
“A successful CISO will be involved in these communities and not only should offer advice and become a mentor, they will also learn from others such is the vast, varied challenge information security offers.”
Sign up for Computerworld eNewsletters.