The CISO (CSO or Security Leader) can be seen as the bus stop for all things cyber and security, including aspects beyond their reach or areas of expertise. The job specification includes a kitchen sink or two, and when it comes to taking responsibility for a hack, guess where the buck often stops!

This role spawned as an afterthought in the late 1990s, and its relative immaturity presents a series of traps into which the unwary invariably fall.

YOUR CISO FINGERPRINT – A graphical representation of your prowess that you can compare with the data on other Officers who have completed the assessment.
YOUR STYLE – Your unique approach to the role as informed by the responses you gave to key questions as to approach and bias.


The many Finger Print assessment results in so far illustrate that, just like the human fingerprint, all CISOs are truly unique. So what is this assessment?

The CISO Finger Print presents a graphical image of the CISO in a non-linear model that:

  • weighs core characteristics / traits
  • removes sensitivity over scoring
  • presents a useful comparison platform giving insight into relative prowess (not subjective / idealistic)
  • informs the CISO office (whether one or more strong) of where to add complementary strengths when possible to do so
  • clarifies the role specification for those considering hiring a CISO (what flavour of CISO do I need?)

How do I take the assessment?

Please feel free to take the assessment, which is early in its development stage; we welcome feedback. Your report is for your eyes only unless you ask for it to be Certified, in which case your responses will be audited / checked and you will likely be interviewed.

1.- Technical Lead

Often coming from an IT or IS background with a strong bias and passion towards the more technical and detailed aspects of cyber security. May have a long list of industry certificates and accreditations to support and underpin their experience. Focus on tools and technology as the main element to the mitigation of risk. Typically develop a solid allegiance and affinity with technical and IT/OT departments and system owners. Seen as technical experts and respected ‘geeks’ by the business. Tends to think and operate from a more conventional and conservative world view. Medium to longer term drive and momentum. Focus on ensuring systems and architectures are resilient and secure.

2.- Strategy Lead

Often coming from a commercially focused background where leading on finding and developing appropriate solutions to business related challenges or problems is critical. Sees technology as an enabler and a means to an end to get a job done. More a consumer of technology than an enthusiast. Visionary, post conventional thinker and driven style. Can visualise and work with whole systems and processes across an enterprise. Wants to lead change and is not frightened by the challenges of doing so. A disruptor to the status quo. Sets the vision, develops the road map and the strategy to meet current and emerging challenges. Focus on ensuring the business as an ecosystem is secure. Communicates well with the executive team as ‘speaks their language’ and understands the business implications of cyber security as well as how to articulate and present this to the board to gain their support and backing. Aligns the organisation to a clear set of objectives and works with cross departmental and functional teams to implement. Audits progress and maintains progressive momentum, adaptive, open and approachable.

3.- Operational Lead

Often coming from a security focused operational role within the business and experienced in managing the day-to-day operational aspects of information and data security. Strong focus on understanding business needs underpinned by a good grasp of supporting technologies and functions such as the Security Operations Center (SOC) and/or Network Operations Center (NOC) or the IT support function. A conventional thinker with the ability to effectively blend operational and security needs in a manner that balances a pragmatic approach to sometimes competing disciplines. Most effective and motivated in a steady state BAU environment where developing day-to-day security resilience aligned to operational efficiency is paramount.

4.- Advisory

Often coming from a consultative background and taking the role of trusted advisor to the senior executive and main board. Has an in-depth knowledge of the cyber risk landscape and the impact that a significant breach would or could have on the corporate infrastructure. Skilled in areas such as post breach recovery and managing the development of a cyber resilient ecosystem. Articulates and sells the need to take cyber security seriously and is respected as a credible source of advice and guidance across the enterprise. Capable of delivering both conventional and post conventional strategies and solutions to meet security needs. Sees technology as a part of the solution but understands that taking a more holistic approach is needed to beat the cyber criminals and the evolving risks that encompasses. Effective in supporting CISOs to achieve greater and faster progress and in challenging the status quo where needed.


Ascot Barclay Group Limited
71-75 Shelton Street, Covent Garden
London WC2H 9JQ
United Kingdom

“Mike Loginov is a commentator and presenter on the International Cyber Security Speaker Circuit and has been a judge for the SC Magazine European Cyber Security Awards for the past three years. He is also regularly quoted in this leading security publication as an authoritative source”. – SC Magazine