A CISO’s Life, FOMO Is Real, & Cybersecurity’s Hiring Problem – BSW #239

Landing the position of a Chief Information Security Officer job can be quite thrilling, and at the same time, overwhelming. The first three months of a new security chief’s life are highly significant. Like any leadership position, how you begin can make or stain your position within the company. Here are bad moves to avoid: 1. Trying to do too Much 2. Having a Negative Mindset 3. Blaming Others Instead, here are things to consider to realize big wins in the first 100 days: 1. Make Preparations 2. Assess the Organization and Risk Status 3. Start Developing your Security Plan 4. Act and Measure

Ellen Benaim, the newest CISO at Copenhagen-based SaaS provider Templafy, started her career at the company in June 2018 as technical support, but from the moment she sat down in an interview with Henrik Printzlau, the company’s co-founder and former CISO, she knew that she wanted to become CISO at Templafy one day. That day came in March 2020.

Today, we work from anywhere, on more devices, more networks, facing more risk than ever before. Widespread phishing, malware, ransomware attacks, and other frauds pose a risk not just to individuals or platforms, but to entire economies, governments, and our way of life. Yet the way we think about securing our businesses and our data hasn’t really kept up. Business resources are often still allocated to defensive cyber security, which is focused on protecting the confidentiality and integrity of data. But these defenses are proving insufficient in the face of attacks that grow more sophisticated by the day. We need cyber resilience in addition to cyber security, and it’s important to understand the difference.

One troubling insight is that, according to many Enboarder respondents, HR's problem-solving may be to no avail. Two-thirds of respondents said they have not changed their behavior or opinions because of an HR initiative in the past 12 months. Many employees are feeling battered by the demands of digital work. Generally speaking, 54% of workers surveyed said they feel more overwhelmed by the number of work-related notifications since March 2020. The rate is higher for managers surveyed, with 63% of respondents saying they're overwhelmed.

It's estimated that the number of cybersecurity jobs will grow by around 31% until 2029, which is seven times faster than the national average. This growth is in large part a response to the huge pressure organizations are under in the face of a surge in cyberattacks during the Covid pandemic.

Microsoft believes education is key to creating a larger talent pool for America's vacant cybersecurity positions. In this week's SecurityWatch, we examine the barriers applicants must overcome to get a job in cybersecurity.