A quick InfoWorld article on the traits of a good CISO. The tagline says some of these traits are surprising (or that maybe deep technical knowledge being lower is surprising), but I’m personally not surprised by this at all. I think the technical knowledge is related to making informed decisions, knowing what information is needed to make informed decisions, and in being a good mentor. Other traits are a good moral compass and the ability to take the blame. I really like the mention of taking blame, since it is so hard to admit being wrong or just taking the blame for someone else. We’re not trained that way as kids with school and report cards and everything else. We’re questioned by adults (parents) until we make up some excuse or blame someone else.
Oops, that turned into a ramble.