Ross McKerchar’s journey from Sophos’ first security engineer to its Chief Information Security Officer (CISO) provides a unique perspective on the cybersecurity landscape. With nearly two decades at the company, McKerchar shares insights into his career path and the evolving role of a CISO.
The Path to Cybersecurity Leadership
Initially drawn to IT through his passion for video games, McKerchar pursued a degree in computer science from the University of Edinburgh. However, he soon found cybersecurity more engaging than traditional IT due to its global implications and adversarial nature. This shift in interest laid the groundwork for his future leadership role.
McKerchar believes leadership can be cultivated but only thrives when coupled with genuine interest. His experience at Sophos, starting as the sole cybersecurity employee, required him to develop skills beyond technical knowledge, such as team management and recruitment in the face of a skills gap in the industry.
Challenges in Cybersecurity Hiring
The cybersecurity sector is expanding rapidly, yet, as McKerchar notes, the real demand is for experienced professionals with both technical and business acumen. This creates a challenge for CISOs: attracting and retaining top talent while addressing a skills gap that sits at more senior levels rather than at entry level.
Many companies tend to hire aggressively after security incidents, seeking seasoned experts rather than new graduates. This dynamic requires CISOs to not only build but also maintain a skilled team, emphasizing the importance of a supportive work environment.
Adapting to Technological Changes
McKerchar is cautious about the impact of AI on cybersecurity, noting a disparity between media narratives and industry realities. While AI has the potential to bridge some skills gaps, its current capabilities are not yet sufficient to replace human expertise entirely.
He highlights the dual nature of AI in cybersecurity: its potential for defense and its use by adversaries to enhance phishing attacks and uncover new vulnerabilities. This ongoing development underscores the necessity for cybersecurity teams to remain vigilant and adaptable.
Managing Stress and Preventing Burnout
Increased attack volumes and complexity amplify pressure on cybersecurity teams, making stress management a critical aspect of McKerchar’s role. He emphasizes the importance of reducing stress and ensuring downtime to prevent burnout, a prevalent issue in the industry.
Creating a balanced work environment involves allowing employees to pursue projects they find fulfilling, alongside critical tasks, to maintain morale and productivity. McKerchar’s strategy includes clear communication and structured shift rotations during high-pressure incidents to keep his team functioning at their best.
The Importance of Trust and Mentoring
McKerchar underscores ‘trust’ as both a crucial element in cybersecurity and a growing concern due to breaches caused by security products themselves. This trust issue calls for higher standards in product development across the industry.
Mentoring plays a significant role in McKerchar’s leadership style, focusing on clear communication and relationship management. He advises his team to develop emotional intelligence and cross-functional skills to advance their careers effectively.
McKerchar’s career and insights illustrate the complexities of leading in cybersecurity, highlighting the balance between technical demands, team dynamics, and the evolving threat landscape.
