Skip to main content

on-the-short-tenure-of-cisos-and-low-frequency

I came across this post which pointed to this article on how to hedge funds can write a series of naked puts on low-probability events and look like geniuses. I have equated this to the information security market before and I have pointed out other posts about low-frequency, high-impact events.

This is an agency problem in many ways. What occurred to me was that this same logic is probably impacting the average tenure of CISO/CSOs. If you're a CISO and you have not had a high-impact event at your company, then chances are: 1. You will be viewed positively by potential employers; 2. The likelihood of a high-impact event that would be your responsibility at your current employer is getting higher; 3. Any high-impact event at a new job could be blamed on a predecessor for some time.

Current rating: 1

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom