Conventional wisdom says that a detailed understanding of the unique business functions of a particular industry is required to translate cybersecurity threats into the business risk language that other public and private sector executives expect – or even demand. For example, a solid background in banking, including financial controls, processes and related regulations, is usually required to be a CSO or CISO at a large bank.
This line of thinking has led many security leaders to not even apply for CSO roles in other industries. But why?
To dig deeper into this topic and get answers to help others, I asked a series of questions to two experts who have successfully navigated senior security leadership roles across multiple industries over many years.
From 2016-2019, Cheri McGuire served as global group chief information security officer (CISO) at Standard Chartered Bank based in London. She has held senior roles at Microsoft, Symantec, US Department of Homeland Security Cyber Division/US-CERT, and Booz Allen Hamilton. Cheri currently sits on the Monetary Authority of Singapore International Cyber Advisory Panel, the Board of Directors for Entrust Datacard…