THOUGHT LEADERSHIP SERIES 1.20: Importance & Impact of CSO Role in the Rapidly Changing World.

On February 10, 2017, and again on November 18, 2020, events unfolded that should capture the attention of leaders within the global cybersecurity community. I wonder how many have taken a moment to deeply reflect on these occurrences. If you're among those who have, I'd be keen to hear your insights.

Mr. Donald J. Trump probably is the first and the only president in the world who has fired Cyber Security Chief’s during his tenure.

• Cory Louie: White House's Chief Information Security Officer (Removed on 10th Feb 2017)
• Chris Krebs: Director of Cybersecurity and Infrastructure Security Agency (Removed on 18th Nov 2020)

In the corporate realm, similar incidents are not uncommon; however, it marked a precedent when a country's president directly dismissed Chief Security Officers (CSOs) for the first time.

For a clearer picture of the significance of these events, here's a list of other officials who faced termination by the same president:

• Rex Tillerson: US Secretary of State (Removed on 13th Mar 2018)
• HR McMaster: National Security Adviser (Removed on 22nd Mar 2018)
• James Comey: Director of FBI (Removed on 9th May 2017)

The dismissals weren't about the reasons behind them but underscored the criticality and influence of CSO roles.

Here are pivotal inquiries these events trigger in my view:

1. Are leaders, whether in politics or business, acknowledging the CSO's role as critical, on par with that of a National Security Adviser in a governmental context?
2. Was the political figurehead using the CSO as a fall guy, attributing election losses to fraud, despite the absence of proof and despite Chris's commendation for exemplary performance? Notably, scapegoating CSOs is, unfortunately, a familiar scenario in the corporate arena.
3. Will organizations now empower CSOs with the authority that matches their responsibilities, moving beyond a superficial compliance mindset?
4. Are security departments poised to receive the funding they need, aligning with the organization's risk landscape and vulnerability?
5. Is it time for CSOs to earn a permanent seat at the Board of Directors' table?
6. Will CSOs be integral to strategic and business decisions, with a clear and effective RACI in place?
7. Is the era upon us where CSOs are rightfully acknowledged and held accountable for their arduous tasks and their results?
8. Will the compensation for CSOs align with that of other C-suite executives?
9. Might the hiring or termination of a CSO—or the absence of one—begin to sway public trust or even affect stock prices, akin to the impact of CEO or CFO transitions? (There are precedents of stock values dropping post-security incidents.)

I welcome additional questions or perspectives on this discussion.