Related Posts
More Posts
Any words about DDB letting go people recently?
Additional Posts in Consulting
Is travel that bad? Would I like it? 25 - Female
New to Fishbowl?
Download the Fishbowl app to
unlock all discussions on Fishbowl.
unlock all discussions on Fishbowl.




Obligatory not a PPMD/SM but specifically for a CISO:
From my engagements with C-Suites, the CISO always feels like they’re on the bottom of the food chain. They have to justify every $X spent, Y product purchased, Z headcount hired, etc…
Then when they inevitably get half or less of the budget they requested because what they do inherently doesn’t generate revenue, they’re unable to run their program optimally and on the off chance an incident occurs the CISO is the sacrificial lamb to the Board and investors and a new CISO is brought in to ‘fix’ the mistakes of the previous one.
Have a lot more to say but basically I would never want to be a CISO.
Yup, even now there’s a large shift happening within the CSuite as they begin to view IT/Cyber from a back-office/internal function to a business function that provides tangible, measurable value to the other [internal] business offerings.
Other changes in ideologies include CSuites looking into opening their industry specialized in house IT/Cyber teams to consult other firms which is an alternative revenue stream among many others.
Regardless, while it was going to take some time, thanks to COVID as well as the plethora of zero-days/randomware/cyber-incidents, the clients I’ve had recently have already began trying to strategize how IT/Cyber fits into their organization going forward.
Rising Star
Also, consulting partners are likely to make more money. Not all of them certainly — I’m sure the CISO at Google or whatever makes a bajillion dollars — but comp falls off a lot faster in industry than most people realize.
Thank you! @partner 1 What are your thoughts on cyber product companies which have a much more scalable product (e.g., crowdstrike, tanium, etc) compared to a service industry like consulting?
All of the above. There’s good money to be made in consulting. CISO is a thankless job, and there’s not enough money to make it worth it.
You call out transfer to cyber product company, which is probably the path I’ll take if I change my mind on the partner track. Stepping stone toward a “normal” corporate leadership position, as opposed to a cyber SME.
CISOs are basically sacrificial lambs. There’s a reason they rotate out so often.
I was a partner at PwC and also KPMG. $$$$$ is my answer. Its a lot more (in most cases) than an industry position.