Ian Schneller, the Chief Information Security Officer (CISO) at Health Care Service Corporation (HCSC), has witnessed the evolution of cybersecurity since he entered the workforce in the early 1990s. Back then, cybersecurity was a nascent function within companies, primarily focused on defending against attacks and protecting systems and information. Schneller recalls that the role was highly technical, often filled by individuals with a background in system administration or development.
As Schneller advanced in his career and eventually became a CISO, he noticed significant changes in the cybersecurity landscape. By 2017, a growing number of Fortune 500 companies had appointed CISOs to lead their security operations. The role of CISO had evolved beyond technical defense to encompass a broader range of responsibilities related to maintaining the security and integrity of the organization.
Today, CISOs oversee complex security operations that go beyond technical defense. As Schneller aptly puts it, the technical aspects of cybersecurity are now considered “table stakes” – the minimum requirement for playing the game. CISOs are now expected to engage with leaders across the enterprise and collaborate with employees at all levels to ensure comprehensive cybersecurity practices.
Data from a recent Splunk survey supports Schneller’s observation of the changing nature of the CISO role. The survey found that 86% of CISOs believe their role has evolved significantly since they first started, almost resembling a different job.
Schneller has identified five key tenets that CISOs must embrace to succeed in the modern cybersecurity landscape. The first key tenet, according to Schneller, is recognizing the breadth of the CISO role. CISOs today must understand the comprehensive nature of their responsibilities, which extend beyond traditional technical defense to include collaboration with leaders and employees throughout the organization.
In summary, Ian Schneller’s journey from a technical cybersecurity role to a strategic leadership position as CISO highlights the evolving nature of cybersecurity in the modern business environment. As organizations continue to face increasingly sophisticated cyber threats, the role of the CISO has become more crucial than ever, requiring a holistic approach to cybersecurity that goes beyond technical defense.