The Soft Skills Business Demands of the Chief Information Security Officer

Authors Richard Smit, Jeroen J.M. van Yperen Hagedoorn, Patric Versteeg, Pascal Ravesteijn
Published in Conference Proceedings 2021
Publication date 18 October 2021
Research groups Process Innovation and Information Systems
Type Lecture

Summary

While many researchers have investigated soft skills for different roles related to business, engineering, healthcare and others, the soft skills needed by the chief information security officer (CISO) in a leadership position are not studied in-depth. This paper describes a first study aimed at filling this gap. In this multimethod research, both the business leaders perspective as well as an analysis of CISO job ads is studied. The methodology used to capture the business leaders perspective is via a Delphi study and the jobs adds are studied using a quantitative content analysis. With an increasing threat to information security for companies, the CISO role is moving from a technical role to an executive role. This executive function is responsible for information security across all layers of an organisation. To ensure compliance with the security policy among different groups within the company, such as employees, the board, and the IT department, the CISO must be able to adopt different postures. Soft skills are thus required to be able to assume this leadership role in the organisation. We found that when business leaders were asked about the most important soft skills the top three consisted out of 'communication', ‘leadership’ and 'interpersonal' skills while 'courtesy' was last on the list for a CISO leadership role.

Downloads en links

On this publication contributed

  • Pascal Ravesteijn | Professor | Process innovation and information systems
    Pascal Ravesteijn
    • Professor
    • Research group: Process Innovation and Information Systems

Language English
Published in Conference Proceedings 2021
Year and volume 30 4
Key words Soft Skills, CISO, cybersecurity, competences
Page range 41-59

Process Innovation and Information Systems