Cyber Leadership Studies and Research

Understanding CISOs from the Inside Out — and Expectations from The Environment In

Why Our Research Approach Matters

At New Cyber Executive, we don’t just gather data—we design our research to understand people and organizational dynamics. Our approach to executive coaching and leadership insight is grounded in a methodology that values context, meaning, and depth over generalization and sample-size striving. We use ethnographic research, qualitative research, and Grounded Theory not as academic exercises, but as practical tools to uncover what drives CISO experiences—both their challenges and their breakthroughs.

Beyond the Surface

From data points to “Why” and "How". Surveys and benchmarking reports are excellent at showing patterns. They tell us what is happening across our cybersecurity executive landscape—trends in compensation, shifts in organizational reporting, recurring pain points. But for CISOs operating in real, high-stakes environments, this only scratches the surface.

Our ethnographic research reveals the why and how. Why does a particular challenge persist despite structural changes? How do some leaders thrive in ambiguity while others burn out? By listening deeply and analyzing individual experience to surface patterns across research members ("subjects"), we uncover the social, cultural, and organizational forces at play—insights that traditional surveys and quantitative data sets can’t surface.

Coaching Built on Lived Experience

Every CISO walks a unique path. That’s why our research approach centers the individual. We use qualitative interviews, pattern recognition, and open, axial, and thematic coding of interviews to build an understanding of each leader’s world—how they see it, how they navigate it, and what they aspire to change.

This depth of insight doesn’t just inform our thinking—it shapes our coaching. We don’t offer generic strategies or frameworks. Instead, we help CISOs design leadership moves that are precise, context-aware, and authentic. This kind of personalization isn’t a luxury—it’s what makes transformation stick.

Root Causes, Not Just Symptoms

The most intractable problems aren’t always visible on the surface. That’s why our research approach focuses on uncovering underlying dynamics—how trust is built or lost, how authority is negotiated, how security leaders internalize risk and responsibility.

By working with these deeper drivers, our coaching addresses the root causes of leadership friction—not just the symptoms. The result is more sustainable progress, less reactive firefighting, and leadership strategies that grow from a place of integrity and alignment.

Not Just CISOs, but Stakeholders

The complexity of cybersecurity leadership doesn’t unfold in a vacuum—it’s shaped by the expectations, pressures, and assumptions of other stakeholders: Boards, CEOs, CFOs, technical and engineering leaders, and even customers.

We listen not only to what CISOs are experiencing but also to how others interpret the role. This includes interviews with non-security executives, observation of cross-functional dynamics, and analysis of the language different groups use when describing cybersecurity leadership. What emerges is not just a portrait of the CISO from the CISO view, but a map of the relationships, disconnects, and feedback loops that define their positioning and impact.

This broader view allows New Cyber Executive to support CISOs in more than personal development—we help them navigate, translate, and reframe their roles in ways that align with the surrounding system. It’s leadership coaching informed by organizational ethnography, not just individual insight.

A Different Lens for a Complex Role

The CISO role is one of the most complex, high-pressure positions in the executive suite. It deserves more than surface-level diagnostics. At New Cyber Executive, we bring a research lens that honors this complexity and reveals the human side of cybersecurity leadership.

Areas of Research

We research differential behaviors, mindsets, and approaches of successful cybersecurity leaders and the key elements of successful moments in cybersecurity leaders' careers. We interview approximately 50 executives each year.

We do not look at products, deployed technology, or technical trends. Nor do we evaluate programs, organizational structure, capital investments, or similar topics. If you are looking for this, and don't know where to start, feel free to contact us.

Current and Prior Research

Past research has focused on cyber executive-specific job challenges, and included additional outside-in '360' input from product and business leaders, CIOs and IT executives, HR executives and recruiting professionals, and project/portfolio management leaders, among others.

The 2022 NCE Leadership Survey focused on elements of starting a new role and is complete. Current, full-time, executives working in industry can apply to participate in a rolling study of cyber executive success differentiators here. In H1 2023, the focus is on women executives in cyber leadership. More information can be found here. At this time I am not interviewing those in sales, consulting, or vCISOs.