Discovering new skills and talent

CISOs must evolve their talent strategy to reflect the changing roles, competencies and skill sets needed to address digital risk.

The importance of digital competencies

CISOs must go beyond thinking in terms of roles when planning for digital business initiatives. They must now carefully consider which competencies and skills are required to address digital risks.

Gartner has identified five competencies integral to digital business execution:

Adaptability. Demonstrates flexibility, agility and the ability to respond effectively to changing environments.
Business acumen. Demonstrates awareness of internal and external dynamics with an acute perception of business issues.
Digital dexterity. Showcases the ability to leverage and manipulate media, information and technology in unique and innovative ways.
Outcome driven. Focuses on desired results and business outcomes. Sets and achieves challenging goals.
Collaboration/synergy. Exemplifies collaboration with other members of formal and informal teams in pursuit of common mission, vision, value and goals.

5 new security and risk management roles

Digital risk officer

The traditional CISO role today will eventually transform into the digital risk officer. Instead of managing information and protecting infrastructure, the digital risk officer will manage cybersecurity risk. Less technical skill is need for this role and success depends on a strong business acumen and the ability to collaborate and communicate effectively.

Chief of staff for security

The chief of staff for security, sometimes referred to as the deputy CISO, removes the administrative burden from the CISO, freeing up time to focus on higher value activities. The deputy CISO must influence and communicate effectively to optimize security workflows and processes.

Data security scientist

The data security scientist incorporates data science and analytics into security functions and applications specifically, how machine learning, artificial intelligence and analytics can be deployed to automate tasks and orchestrate security functions using algorithms and mathematical models to reduce risk. This role requires advanced mathematical skills and statistical and data analysis.

Security “ombudsman”

This role acts as the liaison between lines of business and the security program. Depending on the organization, this role can report into a business function and requires adaptability and political savviness.

Digital ecosystem manager

This role coordinates security and privacy assessments and helps the digital risk officer communicate across the organization’s ecosystem, including vendors, supply-chain, regulators and other external players that could impact digital risk. It is one of the fastest growing cybersecurity roles.