> Then I'm not sure what the point of your post was.
That "but she has a music degree!" is the least relevant part of evaluating if someone is qualified for such a CISO role or not. Someone with the "wrong" degree but talent and relevant experience would easily beat someone with a fancy "Masters of Information Security" degree that then muddled around in less relevant areas. Focusing on people's degrees is almost always the wrong measure in IT.
> Someone with the "wrong" degree but talent and relevant experience would easily beat someone with a fancy "Masters of Information Security" degree that then muddled around in less relevant areas.
Sure, totally agreed.
> Focusing on people's degrees is almost always the wrong measure in IT.
Maybe 20 years ago. (I was there.)
Today, asking for exceptional technical depth and a proven track-record of leadership is not a big ask.
Then I'm not sure what the point of your post was.
Software security is a mess in large part because of the phenomenon you describe.
> Then I'm not sure what the point of your post was.
That "but she has a music degree!" is the least relevant part of evaluating if someone is qualified for such a CISO role or not. Someone with the "wrong" degree but talent and relevant experience would easily beat someone with a fancy "Masters of Information Security" degree that then muddled around in less relevant areas. Focusing on people's degrees is almost always the wrong measure in IT.
> Someone with the "wrong" degree but talent and relevant experience would easily beat someone with a fancy "Masters of Information Security" degree that then muddled around in less relevant areas.
Sure, totally agreed.
> Focusing on people's degrees is almost always the wrong measure in IT.
Maybe 20 years ago. (I was there.)
Today, asking for exceptional technical depth and a proven track-record of leadership is not a big ask.
4 replies →