The role of a CISO has evolved over the years’ and now requires someone who combines InfoSec capabilities with business requirements. They must be able to align cyber to business strategy, speaking both languages while developing reporting metrics that satisfies the board and promotes good cyber resilience across the business. All these attributes support the belief that the CISO of the future doesn’t have to come from an IT background.

In this podcast, Steve Durbin, Managing Director ISF, addresses the objectives a CISO should aim to achieve in the first 100 days in the role, and offers insights into how a CISO should work with the board and security teams to achieve these.