The First 90 Days Are Crucial for the CISO and CIO

by Brian Pereira | Oct 28, 2024

This book gives you insights into crafting a robust 90-day plan, and you'll be well-equipped to catapult into CIO and CISO roles successfully.

IT managers view the CIO and CISO roles as the pinnacle of their careers. But getting to the top is not easy; it requires special skills, knowledge, and experience.

When organizations seek external candidates for these roles, it is common to organize 10 – 12 interviews, if not more. What are the qualities and skills they are looking for? What kind of questions do they ask CIO and CISO candidates in interviews?

To fulfill this, the CIO and CISO are expected to present a 90-day plan. But how should they go about writing that plan, which is a blueprint for their mission?

Also see: How To Prepare for Cybersecurity Risk – Part 1

The answers to all these questions can only come from a highly experienced CIO and CISO. Offline peer community engagement would help C-suite technology leaders learn from others’ experiences and is supplementary C-suit leadership training.

But now, you get it all in a book, written by a highly experienced CIO and CISO, who I was fortunate to meet in August.

I’m talking about David Gee GAICD the former CISO of HSBC. Go through his elaborate LinkedIn profile, and you will see that he has also been in other roles like #CIO (MetLife, CUA, Eli Lily and Company), Strategy & Innovation (EY), IT Advisory (KPMG), and strategic advisor to many boards (the most recent one being Bain & Company). He is a transformation change agent who has worked across industries, including banking, insurance, pharmaceutical and #media. He is also a prolific #speaker at many events and is now a book author.

This book leverages Gee’s 20+ years of digital and cybersecurity leadership experience, providing real-world insights and making it a valuable resource for those navigating the evolving landscape of the C-suite.

Everyone’s first 90-day performance, from prime ministers and presidents to business leaders, is closely watched. It’s a personal manifest that outlines a vision. Therefore, people in C-suite leadership roles need to write a 90-day plan. It should articulate how they will lead transformation and introduce changes, working with their teams and the management.

CIOs and CISOs are asked for that plan during the on-boarding interviews.

Also see: How To Prepare for Cybersecurity Risk – Part 2

The 90-day plan must be aligned to the business strategy. It must demonstrate that the IT team fully comprehends and is aligned with the objectives.

This book gives you insights into crafting a robust 90-day plan, and you’ll be well-equipped to catapult into CIO or CISO roles successfully. Beyond technical proficiency, the book instills survival skills, ensuring longevity and helping you prevent burnout in these pivotal positions.

In this book, David offers some guidelines to draft the 90-day plan:

The plan must fit on one page.
It must be clear as to what the CIO and CISO will focus on.
It is designed to be openly shared (avoid any confidential references)
It must be structured with time-based deliverables (with pressure to stay on track)
The plan should be as closed-ended as possible, with more measurable actions at the end of the 90 days.
Track the progress as the plan is completed (it will also be a branding exercise for the CIO and CISO)
The plan is not supposed to be perfect, so revise it as necessary.

The 90-day plan is not carved on tablets (the marble kind), and the CIO/CISO can make changes as they learn more about the organizational culture, its processes and the nature of business. Of course, he/she needs to discuss the plan with LOB heads and other stakeholders of what they expect, and what is feasible. management before making changes. So the 90-day plan evolves.

Once they are on board, the CIO and CISO they must present it to the C-suite leadership and management and the board to show their progress. Their internal teams also need to see it.

David’s book arms you with insights into crafting a robust 90-day plan, and you’ll be well-equipped to catapult into CIO or CISO roles successfully. Beyond technical proficiency, the book instills survival skills, ensuring longevity and helping you prevent burnout in these pivotal positions.

Highly recommended reading for all involved in C-suite leadership.

The Aspiring CISO and CIO
A career guide to developing leadership skills, knowledge, experience, and behavior
Author: David J. Gee
Available in Kindle Edition and Paperback
Publisher: Packt

Share This Article!

Brian Pereira

Brian Pereira is an Indian journalist and editor based in Mumbai. He founded Digital Creed in 2015. A technology buff, former computer instructor, and software developer, Brian has 29 years of journalism experience (since 1994). Brian is the former Editor of CHIP India, InformationWeek India and CISO Mag. He has served India's leading newspaper groups: The Times of India and The Indian Express. Presently, he serves the Information Security Media Group, as Sr. Director, Editorial. You'll find his most current work on CIO Inc. During his career he wrote (and continues to write) 5000+ technology articles. He conducted more than 450 industry interviews. Brian writes on aviation, drones, cybersecurity, tech startups, cloud, data center, AI/ML/Gen AI, IoT, Blockchain etc. He achieved certifications from the EC-Council (Certified Secure Computer User) and from IBM (Basics of Cloud Computing). Apart from those, he has successfully completed many courses on Content Marketing and Business Writing. He recently achieved a Certificate in Cybersecurity (CC) from the international certification body ISC2. Follow Brian on Twitter (@creed_digital) and LinkedIn. Email Brian at: [email protected]