CISOs and Direct Reports: How To Develop a More Strategic Mindset

August 26th, 2014

Topics: Enterprise IT Risk Management Talent & Workforce

Today’s chief information security officer (CISO) is facing a new set of challenges.

  • As threats from criminal organizations, nation states and groups such as Anonymous are on the rise, more CEOs are recognizing the need for the CISO to drive information security and information risk strategy.
  • Research from the Ponemon Institute discovered that only 6% of security professionals believe they are highly effective at communicating risk factors to senior management.
  • While digital marketing is on the rise and with it affiliated security issues, according to a 2013 report by Accenture, only one in 10 marketing and IT executives say collaboration between marketing and IT is at the right level.
  • CISOs are increasingly being asked to take responsibility for information risk management and privacy policy in addition to information security, which offers an entirely new set of challenges. For example, with dual responsibility comes two bosses: CISOs are  often reporting to the chief risk officer or chief compliance officer in addition to the CIO.


In response to these challenges, Tuck School of Business offers the Business Engagement and the Information Security Professional program (BESP). This year will mark our 5th edition of BESP, and each year the issues become more complex and stakes for corporations become higher. This executive education program helps senior security professionals to:

  • Enhance leadership and financial skills to become a more vital and strategic partner to the C-suite
  • Broaden understanding of risk management and decision making
  • Sharpen business communications skills
  • Develop a robust network of peers
  • Participate in twice daily, facilitated-sharing of best practices


Past participants of this program have benefited from the skill development and knowledge sharing. Rob Geurtsen, Director of Global IT Security at Nike, Inc. said, “This really prepares you for taking the next step in your career.” And Coca-Cola Enterprises’ director of information security, Kyle Waddle echoed, “BESP helped us develop our skills as leaders and helped us to understand how we can become more effective in our organizations.” Info Sec professionals from over 35 companies including ABB, Aetna, Bechtel, BT, Cargill, Chevron, Colgate, Credit Suisse, Delta Airlines, eBay, General Dynamics, Goldman Sachs, Nestlé and Staples have also benefitted from the BESP program.
Is BESP right for you or for a colleague? Please contact us to learn more or apply online today.
Hear from Nike, L.L. Bean, Coca-Cola Enterprises and Eaton regarding their experience at BESP 2013.

Related Post

Trending Digital Business Topics