This article was originally published on not your CISO on Medium. Read the full post →
There has been quite a chatter in the security community for the last couple of weeks. It is always some discussion — be it a new breach, a new framework, or a regulatory shift — but this one felt different.
The conversation: is the CISO role broken? Between the SolarWinds aftermath, the SEC charging CISOs personally, the expectation of omniscience with the authority of a middle manager, and the burnout rates — a lot of security professionals who once had the CISO job as their north star are quietly reconsidering.
This post is my honest take on the role, the conversation, and whether “I don’t want to be a CISO anymore” is a reasonable conclusion or a reaction to a news cycle.