The Chief Information Security Officer: An Analysis of the Skills Required for Success

The aim of this study is to determine a set of skills needed for a Chief Information Security Officer (CISO) in a competitive business today. To this end, a review of the literature and IT security executive interviews were conducted to identify a set of relevant skills. This list was then compared to a set of job listings for CISOs. Ultimately, a set of skills were developed that organizations can use when defining the CISO position and seeking new CISOs.

[1]  Petter Gottschalk The Chief Information Officer , 2007 .

[2]  Wing S. Chow,et al.  A Study of Trust in E-Shopping before and after First-Hand Experience is Gained , 2006, J. Comput. Inf. Syst..

[3]  Chen Zhang,et al.  Secure Information Sharing in Internet-Based Supply Chain Management Systems , 2006, J. Comput. Inf. Syst..

[4]  Alan R. Peslak,et al.  Papa Revisited: A Current Empirical Study of the Mason Framework , 2006, J. Comput. Inf. Syst..

[5]  John A. Johnson,et al.  The international personality item pool and the future of public-domain personality measures ☆ , 2006 .

[6]  Choong Kwon Lee Analysis of Skill Requirements for Systems Analysts in Fortune 500 Organizations , 2005, J. Comput. Inf. Syst..

[7]  Robert W. Zmud,et al.  Behavioral Intention Formation in Knowledge Sharing: Examining the Roles of Extrinsic Motivators, Social-Psychological Factors, and Organizational Climate , 2005, MIS Q..

[8]  John R. Kros,et al.  Assessing & Quantifying the Loss of Network Intrusion , 2005, J. Comput. Inf. Syst..

[9]  Dwayne Whitten,et al.  What is a Chief Privacy Officer? An Analysis Based on Mintzberg's Taxonomy of Managerial Roles , 2005, Commun. Assoc. Inf. Syst..

[10]  Tamara Dinev,et al.  Internet privacy concerns and their antecedents - measurement validity and a regression model , 2004, Behav. Inf. Technol..

[11]  Stephanie M. Clancy Dollinger,et al.  Individual differences in personality traits and anxiety about aging , 2003 .

[12]  Chang Liu,et al.  Raising a Red Flag on Global WWW Privacy Policies , 2002, J. Comput. Inf. Syst..

[13]  Randy Ryker,et al.  Online Privacy Policies: An Assessment of the Fortune E-50 , 2002, J. Comput. Inf. Syst..

[14]  Albert H. Segars,et al.  An Empirical Examination of the Concern for Information Privacy Instrument , 2002, Inf. Syst. Res..

[15]  C. Ranganathan,et al.  An Exploratory Examination of Factors Affecting Online Sales , 2002, J. Comput. Inf. Syst..

[16]  Petter Gottschalk,et al.  The chief information officer: a study of managerial roles in Norway , 2002, Proceedings of the 35th Annual Hawaii International Conference on System Sciences.

[17]  Valerie L. Worthington,et al.  Existential Computer Anxiety and Changes in Computer Technology: What Past Research on Computer Anxiety Has Missed , 1999 .

[18]  Deborah Compeau,et al.  Social Cognitive Theory and Individual Reactions to Computing Technology: A Longitudinal Study , 1999, MIS Q..

[19]  Donna L. Hoffman,et al.  Building consumer trust online , 1999, CACM.

[20]  Rex B. Kline,et al.  Principles and Practice of Structural Equation Modeling , 1998 .

[21]  James D. Russell,et al.  An examination of state anxiety and computer attitudes related to achievement on paper-and-pencil and computer-based mathematics testing of nursing students , 1998 .

[22]  H. Jeff Smith,et al.  Information Privacy: Measuring Individuals' Concerns About Organizational Practices , 1996, MIS Q..

[23]  Varun Grover,et al.  The Chief Information Officer: A Study of Managerial Roles , 1993, J. Manag. Inf. Syst..

[24]  R. Kelly Rainer,et al.  The Influence of Individual Differences on Skill in End-User Computing , 1992, J. Manag. Inf. Syst..

[25]  John A. Pearce,et al.  Formulation, Implementation and Control of Competitive Strategy , 1991 .

[26]  Fred D. Davis,et al.  User Acceptance of Computer Technology: A Comparison of Two Theoretical Models , 1989 .

[27]  J.-C. Spender,et al.  Industry recipes : an enquiry into the nature and sources of managerial judgement , 1989 .

[28]  James C. Anderson,et al.  STRUCTURAL EQUATION MODELING IN PRACTICE: A REVIEW AND RECOMMENDED TWO-STEP APPROACH , 1988 .

[29]  Paul T. Costa,et al.  Evaluating comprehensiveness in personality systems: The California Q‐Set and the five‐factor model , 1986 .

[30]  D. A. Kenny,et al.  The moderator-mediator variable distinction in social psychological research: conceptual, strategic, and statistical considerations. , 1986, Journal of personality and social psychology.

[31]  C. Fornell,et al.  Evaluating structural equation models with unobservable variables and measurement error. , 1981 .

[32]  Henry Mintzberg,et al.  Managerial Work: Analysis from Observation , 1971 .