Security News > 2020 > May > CISO Conversations: Mastercard, Ellie Mae Security Chiefs Discuss the People Problem
In SecurityWeek's CISO Conversations series, we talk to top Chief Information Security Officers from major organizations within the critical industries to discuss the role of the CISO, and what it takes to be a successful CISO. In this feature, SecurityWeek talks to Mastercard CISO Ron Green, and Ellie Mae CISO Selim Aissi from the finance sector, concentrating on the people problem for CISOs.
"I think If either one of the two aspects is stronger than the other, then the CISO will not be successful. I think if a CISO is a salesman, a great communicator all the time but doesn't have the technical chops, then that's a problem. And if the CISO is way deep into the technology and does not focus on the people aspects, on processes, on communication, then that CISO will also fail. It really does require a good balance between the two."
The range of people the CISO must interact with Is huge, from business leaders to technicians, from risk people to governance, and people in other countries.
Mastering these five attributes, says Aissi, makes a good CISO - but the good CISO must have control of them all, all the time.
"The threat landscape is moving extremely fast in terms of malware advances, and evasion techniques, so it's difficult to track threats. You also need to have the whole company as aware as possible about security. That requires continuous awareness programs. A new CISO can build all kinds of amazing technologies, but if somebody clicks on the wrong attachment, then none of that is going to work if it leads to a brand new zero-day. The people delivering the threats get smarter every day, and so must we."