One thing that’s become clear over the last year is that pressure on CISOs is rising. Beyond the normal, everyday stresses of the role, CISOs now have to contend with the possibility of facing criminal charges for mishandling a cyber incident or misrepresenting their organization’s cybersecurity posture. The prospect of being indicted over a cyberattack will have a variety of downstream effects in 2024. It will impact the hiring market for CISOs, affect their compensation, and change the culture around cyber whistleblowing.
Between the sentencing of former Uber CSO, Joe Sullivan, and the charges leveled against SolarWinds CISO, Timothy G. Brown, 2023 set a new precedent for culpability in major cyber incidents. The SEC and U.S. federal prosecutors have demonstrated not only a willingness to hold CISOs directly accountable, they have also shown that the CISO is the first and easiest target.
Download Predictions on CISO Compensation, Employment Outlook and More Whitepaper