According to Silicon Valley visionary Ted Schlein, CISOs are now the “rock stars” of the corporate world – and they’ll soon have a special reason to celebrate.

CISO rockstarsOn a recent Charlie Rose show, Schlein predicted that CISOs “will probably be the highest paid people in corporate America and around the world going forward.” Considering CISOs’ fast-evolving job description, they’re worth every penny.

Information Security is Becoming a Bigger Priority

According to the 2015 HIMSS Cybersecurity Survey, more than half of all healthcare organizations have already hired a CISO to help manage their information risk management program– and 87 percent of those organizations report that cybersecurity in particular has become a much higher priority just in the last year.

Today’s CISO works more collaboratively with healthcare executives and legal teams than IT directors did in previous years. It’s become far more than a technical role, and requires high-level communication skills and the ability to implement far-reaching educational programs.

As demand increases for experienced professionals to fill this senior position, so too do salaries, with the majority of CISOs taking home over $200k per year, and larger firms head hunting for the role with offers exceeding $300k.

The Rise of the CISO

The article is illustrative of a general shift in perception surrounding this role and associated responsibilities. Just a year ago, a study showed that over 70% of executives did not believe that the CISO should be part of an organization’s leadership team.

CISOs report to board

A year of frighteningly large-scale, public and sophisticated hacks have garnered a new appreciation for the seriousness of the risks information security professionals manage, and a respect for the value they bring to an organization.

“[information security professionals] must now be ahead of the curve, developing a clear vision of how hackers’ tactics will evolve, becoming proactive innovators.”

– Matt Comyns, Global Cyber Security Practice Leader at Russell Reynolds Associates

Meredith Phillips, CISO at six-hospital Henry Ford Health System in Michigan, not only possesses these skills but has been hailed as one of six CISO Rock Stars in a recent edition of Healthcare IT News.

Here are some of Phillips’ many accomplishments to date:

  • Meredith Phillips CISOImplemented Henry Ford’s massive iComply initiative, which helped train 23,000 employees on privacy and security issues.
  • Launched an access management program to determine which Henry Ford employees needed access to confidential data – and to what level.
  • Introduced a new program to provide enhanced security for Henry Ford’s 50,000-plus medical devices. Many of those devices are FDA-approved and can’t be encrypted, so the new program emphasizes education and other controls.

Every healthcare CISO could benefit from the insights shared by Phillips and her fellow CISO Rock Stars. They’re charting a course for what data security should look like in 2020 and beyond. That’s why they’re so highly prized in the C-suite. The CEOs and CFOs of the world know that their organizations’ future performance depends in large part on what CISOs bring to the table.

If Ted Schlein’s prediction is correct, CISOs could see a continued rise in their respect, career trajectory and bank accounts.

It’s an exciting – and lucrative – time to be an information security executive!

Learn More

We Are Proud to Count Meredith Phillips In Our All-Star BootCamp™ Faculty

Enjoy lively discussions, hear best practices and learn from real-world examples from some of the information risk management's leading experts in our educational HIPAA Compliance Program BootCamp™
Learn More

Bob Chaput

CEO at Clearwater Compliance
Bob Chaput is widely recognized for his extensive and in-depth knowledge of healthcare compliance and cyber risk management, and is one of the industry’s leading authorities in healthcare information security today. As a leading authority safeguarding health data, Chaput has supported hundreds of hospitals and health systems to successfully manage healthcare’s evolving cybersecurity threats and ensure patient safety.