What does the CISO say? A Tweetchat roundup

May 7, 2019  |  Javvad Malik

Note from the editor: Javvad has left AT&T Cybersecurity, but on his last day he penned a final blog, recapping the awesome tweet chat we had with all star CISO's. Here is Javvad's heroic working-the-last-day blog:

On 18th April 2019, @ATTCyber gathered a panel of CISOs (and recovering CISOs) for a tweetchat to discuss some of the questions that we’ve always wanted to put to senior security folk.

The virtual panel consisted of Thom Langford, Quentyn Taylor, James Gosnold, Andy Rose and Raj Goel; with participation from many others.

To see the whole discussion thread, search for #SecurityTechTalk on Twitter for 18th of April. Below I’ve summed up some of the key discussion points around each questions.

What advice would you give to people wanting to become a CISO? What skills should they develop? 

The first question was geared up around the skills needed to be a successful CISO. Most of the answers revolved around non-technical skills that a CISO needs.

Another thread of thought was assessing whether the role of CISO is the right one for every security practitioner.

Life after CISO

While some practitioners are looking to become CISO’s - the longer term question is what does life after being a CISO look like? Is there a clear career path beyond?

It’s not very clear, some stay as CISO’s, some may try their hand at other things. Like many senior positions, there may be a shortage of clearly defined paths to take, but that doesn’t mean there aren’t a plethora of alternative opportunities that exist.

Money money money

We asked the panel where should a CISO prioritise their budget.

We followed up by asking what security things you wish CISO’s would stop spending money on. The answers were pretty consistent.

Game of Thrones

Next up, we delved into the position within a company that a CISO should ideally report to.

As one would expect, “it depends…”


Being a CISO isn’t just about being a technical leader for an organisation. It’s also about being a people manager. So how does a CISO look after their team and ensure they have a good balance in their lives.

Mind the gap

We see a lot of numbers being thrown about with reckless abandon bemoaning the skills gap. But where do CISOs feel the biggest skills gap lies within their organisations?

Thom doesn’t believe there is much of a skills gap as it stands, well at least not in the way it’s often portrayed.

Andy Rose summed up the responses in this tweet

Security Awareness

How important is security awareness? And which methods of awareness are the most effective?

That turned out to be a unanimous yes.

What the future holds

Finally, we wanted to do a little bit of crystal ball gazing to see what the future holds for a CISO. Will there be a significant change in the job, or the skills needed to effectively carry out the job.

All wrapped up

And that brought us to the end of the hour. We were grateful to our panelists for their time and lending their expertise. Check out the full conversation on twitter #SecurityTechTalk, and we look forward to seeing you again at the next AT&T Cybersecurity tweetchat.

Share this with others


Get price Free trial