CISM: The Key to Entering Executive Leadership

CISM: The Key to Entering Executive Leadership
Author: ISACA
Date Published: 23 December 2019

In 2018, Michael Kearns, CISM, chief information security officer (CISO) for Nebraska Methodist Health System, evaluated options to make himself more employable in the next decade. After researching the most desirable certifications security professionals should hold and acquiring many years of management experience in IT security at Syracuse College (New York, USA), he decided to pursue the Certified Information Security Manager (CISM) certification. Kearns says the CISM certification was the key to landing an executive leadership position. “I am currently the CISO for Nebraska Methodist Health System in Omaha, Nebraska, USA, and, without this certification, I would never have been considered for this position. The certification was a requirement for the role, and the certification has made me a much better CISO. Prior to my current role as CISO, I was unable to move into an executive leadership position even though I held a master’s degree in information management. The CISM certification has made all the difference.”

Since becoming a CISM, Kearns notes that he has gained confidence in himself. Becoming a CISO, he explains, also increased his earning potential, and allowed him to save more for retirement and better evaluate risk vs. reward in financial decisions, such as home purchases. Overall, it has helped him feel more secure in his future and in the present—he says his current CISO position is his dream job.

Kearns says he cannot emphasize the positives of being a CISM enough. Not only has it helped him be recognized as an expert, it has opened the door to support from the ISACA community. When Kearns moved from New York, USA, to Nebraska, for his current position, his boss came to him with a dilemma: His boss had grant money to hold a security conference, but only had 2 months to organize it or he would forfeit the grant money. Kearns called on his fellow ISACA members. “I reached out to my new ISACA friends here in Omaha and they told me, without hesitation, that they could assist with organizing the conference. The local cybersecurity conference went off without a hitch and was a huge success all because local ISACA members stepped up and made it happen.” Needless to say, Kearns is extremely grateful for the ISACA Omaha Chapter members.

Kearns recommends that, “If you want to be considered a true professional, then the CISM certificate is for you. It makes you a better security expert, more knowledgeable, will advance your career, and carries respect among employers and coworkers.” In his position, Kearns believes in the certification so strongly that he requires all his staff to pursue either the CISM certification or the Certified Information Systems Security Professional (CISSP) certification.

To learn more about ISACA certifications, visit the Certification page of the ISACA website.