ON HIRING A CISO: CHANGES TO GRAMM-LEACH-BLILEY’S “SAFEGUARDS RULE” MANDATE HIRING OF A QUALIFIED INDIVIDUAL TO MANAGE ORGANIZATIONAL SECURITY
DOI:
https://doi.org/10.60154/jaepp.2022.v23n2p291
Keywords:
Gramm-Leach-Bliley, Safeguards Rule, Information Security, CISO, IT Security
Abstract
Pending changes to the Gramm-Leach-Bliley Act "Safeguards Rule" will soon mandate the hiring of a qualified individual to manage firm IT and security needs. This requirement will force many firms to hire a Chief Information Security Officer ("CISO") for the first time. Due to the uniquely difficult nature of a CISO's role, the dearth of available talent, and the high costs associated with hiring a qualified professional, firms require a sound understanding of the elements to consider in making this choice. In this light, this paper examines in depth the essential factors to consider in finding and retaining the right CISO. While finding the right CISO is a tough challenge, hiring the right person should yield substantial positive contributions to organizational security and the best interests of stakeholders, clients, and the firm itself.