Ahead of the 2023 Swiss CISO Awards, we decided it would be a good idea to dig a little deeper into the origins of the Swiss CISO Awards. The following is an in-depth interview with two of the key instigators: Samir Aliyev, CEO of the Swiss Cyber Institute, and Milena Thalmann, CEO of Zurich-based White Rabbit Communications.
What are you hoping to achieve with the Swiss CISO Awards?
Samir: Drawing attention! Clearly, but for once not (only) for us, but above all for those people who are committed to the complex and highly demanding responsibility for a company’s cyber security. In our work with the community, we are aware of how little positive feedback CISOs receive in their day-to-day activities. We want to change that.
How did the idea for the Swiss CISO Awards come about?
Milena: The idea came from Samir Aliyev and his colleague Ivan Schnider. They outlined it to me at our first meeting. At that time, no key points were clear, but the major goal instantly appealed to me. There are hardly any other professions that on the one hand are so strongly interdisciplinary – yet on the other hand deal with a topic that is unknown to most people. Therefore, it is important for me to put those who perform cybersecurity work on a pedestal for once, and to draw attention to what is a multifaceted task.
Samir: In the meetings leading up to the creation of the award, we gave a lot of thought to the challenges currently facing CISOs. We wanted to offer something that would not only put on a good show, but also highlight the true value of the profession and address the motivation of those in charge. Cybersecurity is a topic that you can approach technologically, or you can take a step back and look at the “big picture.” We hope the jury will receive a lot of nominations from those who are doing the latter.
What are the five categories for which you will be presenting an award?
Milena: The big award for the Swiss CISO of the Year goes to a nominee who has stood out through special achievements over the past year. The overall package is what counts. In addition, we have set ourselves the goal of recognizing people who show commitment beyond the norm. For example, we want to reward people who have had the greatest influence on digitalization projects, promoting security through specific aspects of design. We are looking forward to receiving nominations for the “Impact on Culture” award, which reflects the trend where more and more companies are moving away from quick awareness training to working on a sustainable company culture where security in the long-term matters.
Samir: We also want to support companies and people who are holistically addressing the issue of diversity. Personally, I am particularly excited about the “Future Leader” award, where we are specifically looking for young personalities who bring a vision with them. We want to create a platform that supports ideas and challenges the status quo.
What qualities do you look for in a CISO?
Milena: I think the award categories already provide a partial answer. It’s about looking at the job holistically and in the context of a business organization. There are many technically excellent CISOs out there, and we appreciate everything that they do. That said, we believe that providing a reward for going the extra mile in each of our categories will have a big impact on the levels of security adopted in organizations.
Samir: We are looking for CISOs with vision, who see a purpose in their work and who have an impact in their company. The protection of data, information and privacy plays a big role in society, and it is getting bigger and bigger. It is not only important that, but also “how” companies take up this challenge. With the awards we follow the same principle as with our conference: we want to give thought leadership a lot of space and thus create a basis for the future.
What does the nomination process look like? What criteria are decisive?
Samir: We have decided on three stages of nomination and evaluation:
- Nomination by a second person through our online form.
- Nominations are reviewed by the jury and finalists are determined. The 30 finalists will be announced and invited to this year’s Global Cyber Conference.
- After a thorough background check, the winners per category will be selected by the jury and will be revealed at the Global Cyber Conference gala dinner which will take place on the evening of September 14.
Milena: We are incredibly lucky to be working with a jury of exceptional people from the public, academic and private sectors, namely:
- Öykü Isik, Professor of Digital Strategy and Cybersecurity, IMD (business school)
- Alina Matyukhina, Head of Cybersecurity at Siemens, (technology)
- Clara-Ann Gordon, Board Member, Partner with Niederer Kraft Frey (law firm)
- Florian Schütz, Federal Cyber Security Delegate at Federal Administration
- Marcus Beyer, Security Awareness Officer, Swisscom (telecommunications)
- Sascha Maier, Group CISO SV Service (hotel/gastronomy)
All of them have embraced the spirit of the project and dedicate their time to the evaluation process free of charge. We are very proud of that. We have invited jury members who are committed to the core themes of our categories so that we can make sure the awards have extra credibility. That was very important to us. We didn’t want to present an award based only on popularity or social media skills.
How do you measure the contribution that a CISO makes “on culture, digitalization and diversity”?
Milena: In the nomination process, we ask for all kinds of background information on the candidates. Are there initiatives and projects the person has done, what was the starting point, what successes have they achieved? Beyond this, we will carry out various background checks once the first round of jury evaluation has been completed.
Samir: The measurability of the awards has been on our minds for a long time. That’s why the jury has become the most important element of the award decisions.
Why are CISOs essential in today’s corporate world?
Samir: There are hardly any components of a company that are not connected to the internet in some way or another. And yet only a small proportion of employees are technically capable of securely designing these digitalized and networked corporate processes. We know that even the smallest loopholes in the digital surface can be quickly exploited and considerable functional and financial damage caused. Cybercrime is flourishing. Any company that underestimates the risks not only puts itself at great risk, but it also encourages, almost invites criminal activities.
Milena: So, we need a greater sense of responsibility in relation to cybercrime and highlight those people who can positively influence this situation both technically and organizationally. It’s certainly a positive move that the emerging regulations such as the new Data Protection Act are now actually demanding greater responsibility, though it is already clear that any company that adopts a precautionary, accurate and integral approach to cyber security will have a market advantage in the medium term, I’m convinced of that.
How you can help support the Swiss CISO Awards
Do you know anyone who has excelled in the field of cybersecurity? Do you know of any unsung heroes in this particular field? If so, the period for nominations is now open and we would be delighted if you would put their name forward as a nomination for one of the five Swiss CISO Awards for 2023. Make sure to visit GCC Swiss CISO Awards page to submit your nomination.