This section is not only about the leader, e.g. the CISO, it’s also about how to lead the company through the cybersecurity challenges and how the CISO role emerges to a Chief Information Security Orchestrator balancing and leading multiple stakeholders. We will not come up with a new organizational design of the security system since we don’t think that this is a key differentiator to make information security a success. A new technocratic organization will not get you to the level where you need to be

Leadership is about guiding people to a certain goal by positively influencing them, so that they actually want to act and behave secure