A survey by research firm Gartner shows that the best performers in cybersecurity put a lot of time and effort into themselves.

Gartner conducted a comprehensive survey of 227 chief information security officers (CISOs) over a three-year period. It turned out that those who perform best are also those who invest in their personal professional development.

Five times is a spell

The job of the CISO is subject to rapid and constant development. That’s why it’s important to develop professionally, says top researcher Chiara Girardi. Building knowledge and new skills is therefore essential.

In the survey, Gartner identifies five key characteristics that differentiate top CISOs from the rest. To be considered a leader, someone had to be in the top 33 percent.

On average, this group invests one and a half times as much effort as the others. This is evident from the figures for the five significant behaviors of the best compared to their weaker peers:

• Start discussions about evolving standards to stay ahead of threats

77 percent versus 50 percent

• Proactively capture new technologies

63 percent versus 38 percent

• Make regular time for professional development

69 percent versus 36 percent

• Network with high-ranking decision-makers in business beyond projects

65 percent versus 37 percent

• Define risks together with high-ranking company decision-makers

67 percent versus 28 percent

knowledge is powerful

According to Girardi, no organization can protect itself completely against threats, but the best CISOs stay as informed as possible about existing and emerging threats. As technologies like AI and machine learning evolve and get better, it’s important to keep up.

Therefore, in her opinion, it is also important to build a relationship with those who make the decisions from above. It is important that cybersecurity is also addressed at this level and that it plays a role in various areas of company policy. A CISO who can smoothly pass on this knowledge plays a leading role here.

This bond can also play an important role in the mood of many CISOs. Stress can be a critical factor in the smooth functioning of cybersecurity teams. A previous Gartner study found that insufficient support within an organization can cause CISOs to simply give up. By 2025, even half could change jobs completely.