The Successful CISO: How to Build Stakeholder Trust | eWEEK | eWeek

The Successful CISO: How to Build Stakeholder Trust

enterprise data
Écrit par
eWEEK EDITORS
eWEEK EDITORS
Jan 18, 2022
4 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

If we track the recent progress of the Chief Information Security Officer (CISO), there’s good reason to wonder if they are headed toward the visibility once reserved for CEOs, given how today’s dramatic security challenges have boosted their profile.

In a relatively short time, we’ve seen cybersecurity move from being an afterthought to become central to business operations. It really wasn’t until the very end of the millennium when the Melissa virus, coupled with the fear of Y2K disasters, launched “hacking” and data security into the public perception.

Since that time—a mere 20 years ago—we’ve seen a rapid evolution of the role of the CISO from a back-office controls and risk mitigation function to one of the most influential voices in the boardroom. CISOs are responsible for guarding against attacks that are not only costly in terms of revenue but also brand reputation.

In an era of rapid digital transformation, the role of the CISO has shifted to that of an “enabler,” helping companies securely move at the speed of the market. It’s not a stretch to assume that as the significance of the role continues to increase, so too will the public interest in the people holding these roles.

In fact, we’re already starting to see this shift as CISOs are increasingly being called upon to serve as thought leaders and experts in the eyes of external stakeholders.

Taking Center Stage: A Challenging Balance

Just as many brands have benefitted from the robust personalities of their CEOs, there is a corresponding argument to be made that putting the CISO front and center can be beneficial.

Data security remains a polarizing topic. According to a recent survey from KPMG, 67% of the U.S. general population say they want more transparency around how their personal data is being used by companies. And 40% say they would willingly share their personal data if they knew exactly how it would be used—and by whom. 

Similarly, in a “show, don’t tell” era, consumers may place more trust in an organization if they feel they know the person behind ensuring their data-safety. Humanizing the function by putting a name, face, and personality behind security and privacy measures can help convince consumers that the organization is truly, personally invested in securing their information.

But such exposure comes with its own set of risks. Elevating and celebrating the CISO could give cybercriminals an extra incentive to target the company—looking to specifically take down that figure.

Also see: 5 Cloud Security Trends in 2022

Best Practices for Today’s CISO: Earning Trust

CISOs and aspiring CISOs would do well to prepare for the eventuality of life in the public eye. Here are some guidelines. 

Use your Personal Brand for Good

The most important aspect of building your personal brand is understanding its purpose. Why are you building your brand? What are you hoping to accomplish? Almost invariably, the answer is to build stakeholder trust.

Always Work Through the Lens of Trust

Trust is earned in drips but lost in buckets. The unavoidable truth is that—if you’re a public figure—there is no such thing as off the record. You have to proceed under the assumption that the mic is always hot, and the camera app is always on “record.”

Before you speak, post, or act, ask yourself: Will this inspire trust or erode it? By the same token, remember that if the goal is to build trust, you need to maintain an open and honest approach with your audience.

Advertisement

Choose your Platform

Even though it’s called a “personal brand,” the lion’s share of your content will center around your professional expertise. As you endeavor to stand apart from the pack of fellow CISOs and would-be-CISOs, you’ll want to focus on educating a wider audience on a topic you feel is very important and yet not understood by many.

Set your Own Boundaries

If you find yourself asked to be a public figure on behalf of your company, remember that “showing your whole self” is a sliding scale. It does not mean you need to tweet that back-to-school picture of your fourth grader.

It might mean sharing some snaps of your new puppy if you’re comfortable with that. Or it might mean sharing a hobby that you’re passionate about. Remember, the goal is to help your audience understand the real you—but you decide where to let them in.

You Can’t Fake It

Creating a persona that is not true to you is a recipe for failure. It is not sustainable, and the world has become too interconnected with too many people having a microphone for you to successfully present a lie.

All it takes is one viral post from a friend or acquaintance who truly knows you to blow your cover, and in doing so destroy any trust you’ve cultivated.

Seek Expert Help

You’re a CISO because you are an expert in information security—and that is where your focus can and should remain. When it comes to building and maintaining your brand, seek out the experts. If your company is pushing you to be “more public-facing,” ask what resources are available to you to help create content, maintain social media engagement, and secure (and prepare for) traditional media opportunities.

According to a report from Grand View Research, the global cybersecurity services market size is expected to reach USD 192.70 billion by 2028. As the field continues to expand, we may well see the day when it’s commonplace for CISOs to be Twitter verified.

Get ahead of the game by taking steps today to ready your personal brand—but never forget that the goal is not to get famous. Rather, it is to further business objectives and results by building, maintaining, and growing stakeholder trust.

Also see: Cybersecurity in 2022: Solving the Skills Gap 

About the Author: 

Prasad Jayaraman is a Principal in KPMG’s Advisory Services

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.