A data breach usually spells financial and reputational disaster. But such an event can also be an opportunity for a security professional to capitalize.
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest is Michael Piacente, co-founder and managing partner, Hitch Partners.
Thanks to this week’s podcast sponsor, Anomali
Got feedback? Join the conversation on LinkedIn.
On this episode of Defense in Depth, you’ll learn:
- Salary negotiation is a topic that is always in vogue, but the post-breach angle shows the value companies are eventually seeing in the CISO role. Unfortunately for them they realize it after the fact.
- A bad breach incident will cost far more than an investment in a good security team. But that’s your insurance policy.
- Location, industry, and size of company are all key factors on whether or not a CISO will be able to command a seven figure salary.
- Industry specific skills will definitely come into play. If a bank is breached and you’ve been a security professional or a CISO at multiple banks that has maintained its cybersecurity without any significant incidents, then you have a lot of leverage.
- When a company needs a CISO to right the ship, they’re going to want someone who has gained skills in the areas of communicating with the board, strategy, vision, leadership, and successfully creating a pro-security culture.
- Negotiating salary is not just isolated to CISO role. There are cloud security architects that are in high demand and can garner a much higher wage than just a couple years ago.
- Threats outnumber security people regardless of their rank. There’s no one person that’s going to prevent breaches. But if you have a poor security culture, then a company will need to pay for the talent to get it operating in the right direction.