IANS Research has been working for the past two decades to address the challenges faced by InfoSec practitioners in collaborating effectively. Unlike other analyst firms that provide broad overviews of market participants, IANS focuses on sharing specific solutions that have been successful in the past. By leveraging the expertise of industry professionals with hands-on experience, IANS offers valuable insights on problem-solving approaches.
A new SEC rule change is expected to require public companies to disclose the cybersecurity expertise of their board members. This is in response to the lack of cyber understanding on most boards. Research conducted by The CAP Group found that 90% of Russell 3000 companies do not have a single board director with cybersecurity expertise, highlighting a significant gap in cyber expert supply.
Phil Gardner, the CEO of IANS Research, stated that boards will need to identify candidates with cybersecurity expertise to comply with the new SEC rule. He believes that CISOs (Chief Information Security Officers) are likely to be considered for these positions. However, Gardner also noted that only a small fraction of CISOs are currently strong candidates for board positions. To address this gap, IANS Research has partnered with Artico Search and The CAP Group to provide valuable insights and recommendations to both boards and CISOs.
The “CISOs as Board Directors, CISO Board Readiness Analysis,” conducted by IANS Research in collaboration with Artico Search and The CAP Group, evaluated the qualifications of CISOs across the Russell 1000 (top 1000 US public companies by market capitalization). The analysis focused on five key traits of credible cyber board candidates. The findings revealed that less than half of Russell 1000 CISOs stand out as potential board candidates.
The research also highlighted several key insights:
1. 90% of public companies lack a qualified cyber expert on their boards, indicating a significant supply-demand gap.
2. Only 15% of CISOs possess the broader traits required for board-level positions, while an additional 33% have a subset of necessary traits.
3. Merely 2% of the top 1000 CISOs are board-certified.
4. Half of the qualified CISO candidates are either female or from underrepresented groups, demonstrating an opportunity for companies to add diversity and cyber expertise in a single candidate.
This last point is particularly relevant as SEC rule 5605(f) will enforce diversity by requiring boards to have at least one female and one underrepresented minority.
IANS Research has been instrumental in fostering collaboration among InfoSec practitioners for the past 20 years. Their model relies on the expertise of industry professionals to share real-world solutions to security challenges. By offering Ask an Expert sessions, IANS enables clients to seek guidance and engage in interactive discussions on problem-solving approaches. These sessions cover various topics ranging from troubleshooting technology platforms to addressing organizational and people-related issues.
Aaron Turner, a Faculty member of IANS Research and Saas CTO at Vectra AI, emphasized the value of these Ask an Expert calls. He stated that they provide insights into real-world problems across a wide range of organizations, from small businesses to multinational conglomerates. Turner has built strong connections with security teams within IANS’ customer organizations, which helps him perform research on complex security problems.
For security practitioners facing evolving threats and demanding executives, IANS Research serves as a valuable resource for decision-making and risk articulation. Their experience-based security insights support CISOs and their teams in making informed choices. The core value of IANS Research lies in its Faculty network, composed of seasoned practitioners who provide guidance through Ask-an-Expert inquiries, peer community interactions, deployment-focused reports, tools, templates, and consulting services.
To learn more about IANS Research and its offerings, visit their website at https://www.iansresearch.com/.
About the Publisher:
Gary Miliefsky, the Publisher and Author of Cyber Defense Magazine, is a renowned cybersecurity expert, bestselling author, and keynote speaker. With his founding membership in the US Department of Homeland Security and his contributions to the National Information Security Group, Miliefsky has played a significant role in the field of cybersecurity. He is also the founder and Publisher of Cyber Defense Magazine since 2012.