Management & Strategy

What Does a Typical Fortune 100 CISO Look Like?

What does a CISO look like? You may think that’s a tough question–and it is. But the folks at cybersecurity firm Digital Guardian have done some research and profiled the typical CISO at a Fortune 100 enterprise.

Mike Lennon

March 17, 2016

Not surprisingly, Digital Guardian found that most CISOs were overwhelmingly male at 89 percent. In terms of education, 85 percent had at least a Bachelor’s degree, while 40 percent also had a Master’s degree. Just and a few had a PhD or JD, they said.

The top three fields of study for these CISOs were business, information technology/information security, and computer science.

Of the Fortune 100 CISOs they looked at, 80 percent have held their current position for less than five years. When it comes to certification, half have a CISSP certification and 22 of them have a CISM certification. Fortune 100 security leaders hold an average of 2.86 certifications.

Digital Guardian created the infographic below which outlines “the anatomy of a CISO” to sum up their findings in a fun way.

Are you a CISO? Request your invitation to SecurityWeek’s 2016 CISO Forum, taking place at the Ritz-Carlton, Half Moon Bay on June 1-2.

Anatomy of a CISO Infographic

Request your invitation to the exclusive 2016 CISO Forum, taking place at the Ritz-Carlton, Half Moon Bay on June 1-2.

Advertisement. Scroll to continue reading.

Written By Mike Lennon

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Latest News

Click to comment

Virtual Event: Cyber AI & Automation Summit

Wednesday, December 6, 2023

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.

Virtual Event: Cyber Insurance & Liability Summit

Wednesday, January 17, 2024

As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.

Humans Are Notoriously Bad at Assessing Risk

When too much subjectivity is mixed into risk assessment, it can produce a risk picture that is not an accurate representation of reality. (Joshua Goldfarb)

5 Steps to Assessing Risk Profiles of Third-Party SSE Platforms

It's crucial to thoroughly assess the risk profiles of various SSE platforms and weigh their suitability against their organization's risk tolerance before adopting SSE. (Etay Maor)

Threat Intel: To Share or Not to Share is Not the Question

To share or not to share threat intelligence isn’t the question. It’s how to share, what to share, where and with whom. (Marc Solomon)

Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation

By embracing a strategy that combines technological advancements with critical thinking skills, collaboration, and a culture of continuous learning, organizations can safeguard against AI's disruptive effects. (Rik Ferguson)

Offense Intended: How Adversarial Emulation Went From State Secret To Board Bullet Point

Offensive Security does not focus on discreet attacks, singular actors, or Indicators of compromise, but understands the entirety of both sides of the battlefield. (Tom Eston)

Application Security

Source Code Security Firm Cycode Launches With $4.6 Million in Funding

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Eduard KovacsSeptember 24, 2019

Topics for 2023 Cybersecurity Insights Series

CISO Strategy

SecurityWeek Cyber Insights 2023 Series

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Kevin TownsendFebruary 13, 2023

CISO Conversations

CISO Conversations: HP and Dell CISOs Discuss the Role of the Multi-National Security Chief

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Kevin TownsendMay 10, 2023

CISO Conversations

CISO Conversations: Code42, BreachQuest Leaders Discuss Combining CISO and CIO Roles

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

Kevin TownsendMarch 1, 2023

CISO Strategy

Burnout in Cybersecurity – Can It Be Prevented?

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Kevin TownsendMarch 22, 2023

Management & Strategy

The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Kevin TownsendJanuary 30, 2023

Cybersecurity Funding

The Five Stories That Shaped Cybersecurity in 2022

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Ryan NaraineDecember 29, 2022

Endpoint Security

Windows 7 Extended Security Updates, Windows 8.1 Reach End of Support

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Eduard KovacsJanuary 10, 2023

SECURITYWEEK NETWORK:

ICS:

SecurityWeek

Management & Strategy

What Does a Typical Fortune 100 CISO Look Like?

More from Mike Lennon

Latest News

Virtual Event: Cyber AI & Automation Summit

Virtual Event: Cyber Insurance & Liability Summit

Expert Insights

Humans Are Notoriously Bad at Assessing Risk

5 Steps to Assessing Risk Profiles of Third-Party SSE Platforms

Threat Intel: To Share or Not to Share is Not the Question

Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation

Offense Intended: How Adversarial Emulation Went From State Secret To Board Bullet Point

Related Content

Application Security

Source Code Security Firm Cycode Launches With $4.6 Million in Funding

CISO Strategy

SecurityWeek Cyber Insights 2023 Series

CISO Conversations

CISO Conversations: HP and Dell CISOs Discuss the Role of the Multi-National Security Chief

CISO Conversations

CISO Conversations: Code42, BreachQuest Leaders Discuss Combining CISO and CIO Roles

CISO Strategy

Burnout in Cybersecurity – Can It Be Prevented?

Management & Strategy

The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment

Cybersecurity Funding

The Five Stories That Shaped Cybersecurity in 2022

Endpoint Security

Windows 7 Extended Security Updates, Windows 8.1 Reach End of Support

SECURITYWEEK NETWORK:

ICS:

More from Mike Lennon

Latest News

Trending

Daily Briefing Newsletter

Virtual Event: Cyber AI & Automation Summit

Virtual Event: Cyber Insurance & Liability Summit

Expert Insights

Humans Are Notoriously Bad at Assessing Risk

5 Steps to Assessing Risk Profiles of Third-Party SSE Platforms

Threat Intel: To Share or Not to Share is Not the Question

Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation

Offense Intended: How Adversarial Emulation Went From State Secret To Board Bullet Point

Related Content

Application Security

Source Code Security Firm Cycode Launches With $4.6 Million in Funding

CISO Strategy

SecurityWeek Cyber Insights 2023 Series

CISO Conversations

CISO Conversations: HP and Dell CISOs Discuss the Role of the Multi-National Security Chief

CISO Conversations

CISO Conversations: Code42, BreachQuest Leaders Discuss Combining CISO and CIO Roles

CISO Strategy

Burnout in Cybersecurity – Can It Be Prevented?

Management & Strategy

The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment

Cybersecurity Funding

The Five Stories That Shaped Cybersecurity in 2022

Endpoint Security

Windows 7 Extended Security Updates, Windows 8.1 Reach End of Support