Alta Associates
Specialists in executive recruitment for over 20 years.
8 Bartles Corner Road, Flemington, NJ 08822 • P: 908.806.8442 • info@altaassociates.com
Expert Advice
Joyce Brocaglia is the executive career advisor for CSO magazine. The following questions and answers are featured on CSO's online magazine (www.csoonline.com).
Back to Expert Advice Question List
What education does a CSO typically have? From my understanding they come from the technical side. To get to the executive level do you need an MBA or similar degree?
I understand the question to be, "What education does a typical CSO have and what will I need to compete for this role in the future?" In the past, senior security executives have come from many different backgrounds and have attained their positions through experience and tenure with their companies rather than any specific educational pedigree. A survey of current CSO credentials would be very eclectic. Many of today’s CSOs began their careers in the military, a government agency like the FBI or the law enforcement community. These individuals have honed their expertise in information security and evolved into corporate security officers. Other CSOs have had very strong technology experience and developed a focused discipline in information security. There are security officers who are extremely technical and lack a formal degree as well as CSOs that are recognized industry experts who have many advanced degrees. It is only recently that companies are recruiting CSOs as opposed to promoting individuals from within their organization.
As information security becomes a more important issue on the CEO’s agenda and the role of the information security officer becomes more mainstream, we are witnessing the demand for more formalized requirements. In order to compete for a current CSO opening you should consider: an undergraduate degree (although an advanced degree is preferred), to be professionally active as an executive member of industry related associations or advisory boards, and to attain professional certifications. However, it’s important to note, the key to the "new CSO" is not a particular educational credential or technical skill, but rather someone who has a proven ability to interface with business units to develop and implement security solutions that meet their needs and allow them to remain competitive.