CISOs are Agents of Change Your Company Can’t Be Secure Without

This interview was conducted by Clark Buckner of TechnologyAdvice (they educate, advise and connect software buyers to the best employee training software, customer loyalty platforms, business intelligence software and much more. They were this year’s media partner at InfoSec Nashville.

Marci McCarthy, CEO and President of T.E.N., will be a keynote speaker at the 2014 InfoSec Conference, where she will present on how Chief Information Security Officers (CISOs) are agents of change. She’ll also offer insight into the sales, marketing, and branding approaches she uses for her company.

McCarthy is an award-winning technology and information security executive. She founded Tech Exec Networks (T.E.N.), which offers acclaimed executive and peer-to-peer programs, as well as technology platforms, to help security executives gather the latest information to empower them for collaboration in order to make better decisions. T.E.N.’s flagship program, the Information Security Executive (ISE) of the Year, is a nationally acclaimed program that provides awards and educational programs for security professionals.

McCarthy spoke with TechnologyAdvice host Clark Buckner about the role of a CISO, what it was several years ago, what the role currently demands, the top three IT security threats today, and what the future holds for us amidst abounding, global security threats.

McCarthy practically built her career and company on providing information security executives need and awarding them for a job well done. T.E.N. validates what these executives do. They have a great understanding of what CISO’s do and how they’re essential to protecting a company’s infrastructure. Additionally, through their ISE brand, T.E.N. recognized the accomplishments of security professionals and project teams and brought together groups of information security professionals. From a local initiative that started in Georgia in 2002, ISE has now grown to become one of the leading fortifiers in the IT information security industry.

The Evolution of the Information Security Industry
From being an unidentified field a few decades ago, McCarthy described the evolution of the IT security industry as a major rocket ride. She noted the presence of several word-of-recognition programs for various professions, in terms of industry recognition or acceptance in the C-suite— except for security professionals.

McCarthy recalled that the the onset of this change occurred shortly after the September 11th attacks. Then, large-scale attacks and viruses became more sophisticated, targeting the country’s growing dependence on the Internet, and especially for sales and business-related activities. Consequently, identity theft became more powerful and more pervasive.

By the mid-2000s, companies began to see the relevance and seriousness of IT security breaches, so they created positions for information security executives. Since that time, increased online dependency among business of all types has resulted in an increased need for information security professionals, resulting in an industry that’s currently experiencing a shortage of experienced CISOs. Consequently, McCarthy pointed out that information security is presently an in-demand career path, an option she encourages passionate IT professionals to consider when looking for a stable job.

Ultimately, our growing global dependency on the Internet created a world of opportunity for information security professionals to find meaningful, helpful, long-term careers. Trained IT security professionals have the skills to prevent thieves from stealing information or intellectual property.

Top 3 IT Security Threats Today
McCarthy cited that the three top security threats in the world today are:

  • Cybercrime: She pointed to the August 18, 2014 announcement by Community Health Systems (CHS) as a recent, sophisticated attack that stole information from 4.5 million patients in southern and western states.
  • Cyberterrorism: Terrorists use the Internet for espionage, infiltration, propaganda, to recruit new members and vehicles, and to filter money.
  • Insider threats in a company or organization: People are often unaware of information that might leak out indiscriminately that could disrupt an entire business or infrastructure.

What the Future Holds for IT Security
McCarthy stated that World War III could come through a cyber attack considering how easy it is to penetrate and bring down a financial infrastructure. Additionally, cyber attackers are always modifying their methods, which means that CISOs and IT security personnel must always be learning.

Looking more closely at individuals’ needs for online protection, McCarthy suggested that new tools and technology should be put in place to help people protect their identities online, especially in light of prolific social sharing on multiple social networks.

Furthermore, she believes the law has to catch up with existing technology, which often requires more time than should be necessary, especially considering how quickly technology changes. Congress must look closely at cybersecurity and invest in security education.

McCarthy also spoke about how our qualified resources are few, so there ought to be a great, educational program to help train new CISOs and IT security workers. Other countries train IT workers to exploit vulnerabilities, so the U.S., McCarthy suggests, must train our people in a better way to protect our government and nation’s resources.

The Future for CISOs
McCarthy continually seeks to bring together IT information security professionals with solution providers by providing a platform for such individuals and companies to connect, collaborate, and celebrate.

She further added that ISE brings many opportunities to provide unique opportunities for projects to be showcased so they can receive more funding, benefit from more learning, and lead to more understanding of what IT security professionals do and how they’re doing it so that time isn’t wasted on outmoded, outdated security prevention measures.

On the future of CISOs, from an unidentified field to a huge career path, McCarthy views an information security professional as a must-have agent of change who touches all corners of an organization.

For more information on T.E.N.’s programs, events, and services, including the worldwide ISE programs, visit