As fans of “Star Wars,” we’ve watched a multitude of characters evolve on the screen and rise to the challenge posed by dark and powerful enemy forces. Jedi warriors, Wookiee warriors, fighter pilots, and an array of diplomats and military commanders have fascinated us for four decades.

Meanwhile, back on planet Earth, in this decade, we too are left fighting dark and powerful enemy forces. It’s only natural to wonder which of these types of characters would best serve as chief information security officers (CISOs) for our organizations to defend us from the threats of a digital empire that continues its relentless expansion and threatens our organization’s very survival.

Let’s take a look at some traits from the “Star Wars” characters we’ve grown to love and explore how those might be applicable to CISOs today.

The Jedi Warrior

The simple utterance of the word brings about visions of strength and courage, even in the face of certain doom, but also that of an innate ability to sense when the world is in balance or when there is “a disturbance in the Force.” Much as CISOs can come from varied occupations, Jedi come from various planets and backgrounds. While many sport a lightsaber of an appropriate color, it is truly what’s inside them that brings comfort and strength in the heat of battle: their ability to connect with the Force and to direct it to their advantage.

The way of the Jedi warrior is that of mind over matter, yet they are not afraid to get into a close combat situation if need be, and they are definitely adept at handling a multitude of weapons. For CISOs, these traits — calmness, control, agility and speed — and a mastery of many (usually defensive) weapons would serve them well.

However, CISOs, like the Jedis Luke and Rey, aren’t invincible. They’re still human, after all. They have to be careful that when engaged in combat — or incident response — they make moves the enemy won’t predict. And assuming they live to fight another day, CISOs also have to ensure that any sacrifice is part of a greater strategy for organizational survival, or better yet, toward ensuring a more prosperous and just future.

The Admiral

Over the course of the “Star Wars” saga, we also met many military leaders, perhaps none as memorable as Admiral Ackbar — famous for the one line that could be quite useful in your next security budget meeting: “It’s a trap!”

Unlike the warrior CISO working on mastering the Force and understanding the universe, the admiral CISO character is that of a military leader facing the enemy straight on, ready to deploy the full complement of his or her well-trained force, ready to overwhelm the enemy with the speed and precision of the response. The Admiral CISO is a strong leader, ready to defend the organization and serve its leaders to the best of his or her ability.

However, as the last decade of cyber incidents and data breaches has proven, in cyberspace, the enemy can take on many forms — much like a shapeshifter. Instead of a clearly delineated battlefront, the Admiral CISO is left wondering whether the threat will come from within or from halfway across the galaxy.

The Diplomat/Ambassador

In between the battle scenes, we often found ourselves drawn to the intriguing world of diplomacy, with Jedi Ambassadors and Diplomats. Often operating as the public face of the government or organization they were representing, ambassadors served in advisory roles to other government leaders, but also used their talents to develop stronger ties with allies. Diplomats in the “Star Wars” universe were obviously skilled negotiators, but many were also skilled combatants, ready to spring into action to save their own lives and those of their allies.

The Diplomat CISO is one that also demonstrates a keen ability to negotiate — a skill that also implies an ability to listen attentively and take the time to understand the other side’s needs and concerns. The Diplomat CISO is at home on whatever planet they happen to be on today; they blend with the local crowds, can speak the language, can laugh at their jokes and are able to align their own goals with those of the people around them.

The Fighter Pilot

Who can forget the first time they heard one of the X-Wing leaders exclaim “stay on target”? Immortalized by Han Solo’s performance, and more recently by Poe, the fighter pilots are brave, work fairly well as a team and often go well beyond the call of duty to perform surgical strikes and defend the fleet.

However, fighter pilots — at least those portrayed in “Star Wars” episodes — have also shown themselves to be ready and willing to go it alone, as well as to disobey orders from above. This cowboy-like behavior, while potentially appealing to some CISOs, is unlikely to serve the organization well, considering trust is a two-way street (space corridor) built on stable behaviors as opposed to heroic antics.

The Chewbacca

Of the many alien species that fans of “Star Wars” have been exposed to, none stand out as clearly as that of a Wookiee warrior named Chewbacca. Chewie, as he is affectionately known, turned out to be a fantastic partner to one of the best fighter pilots in the galaxy, and thus deserves a special mention. Chewie saved Han Solo’s life on multiple occasions and proved himself time and again as pilot of the Millenium Falcon.

But beyond the heroics, Chewie also left us wondering what exactly did he mean by “RAWRGWAWGGR” (yes, that’s an actual quote). While Chewie the CISO would prove to be a good “wingman” to the leadership of the organization, he would likely leave everyone quite confused as to the exact meaning of the buzzwords uttered.

The CISO as the Ultimate Defender of the Galaxy

As the role of the CISO evolves and adapts to growing demands and cyber risks, business leaders are often wondering if the person in charge of the organization’s incident response strategy has what it takes to defend against the Empire and the constant stream of threats stemming from it.

The CISO as a security leader must be multitalented, one minute conversing with the top leadership about strategies and alliances — much like the Admiral and the Ambassador would do — and the next minute directing the alliance’s response to new threats with the precision of a Pilot. And all the while, they must be using their knowledge of the organization’s defenses and that of enemy weapons, the threats and tools at the disposal of attackers today, to ensure a healthy balance.

When it comes to the Force, the Jedi CISO will have realized that intuition alone isn’t enough to fight today’s battles. Instead, intuition must be supplemented with a dashboard that confirms what the CISO sensed, that uneasy feeling, the disturbance in the Force.

More from CISO

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

2 min read - Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures would become 2023’s ransomware crisis. Compounding the problem is the industrialization of the cybercrime ecosystem, enabling adversaries to complete more attacks, faster. Over the last…

2 min read

Do You Really Need a CISO?

2 min read - Cybersecurity has never been more challenging or vital. Every organization needs strong leadership on cybersecurity policy, procurement and execution — such as a CISO, or chief information security officer. A CISO is a senior executive in charge of an organization’s information, cyber and technology security. CISOs need a complete understanding of cybersecurity as well as the business, the board, the C-suite and how to speak in the language of senior leadership. It’s a changing role in a changing world. But…

2 min read

What “Beginner” Skills do Security Leaders Need to Refresh?

4 min read - The chief information security officer (CISO) was once a highly technical role primarily focused on security. But now, the role is evolving. Modern security leaders must work across divisions to secure technology and help meet business objectives. To stay relevant, the CISO must have a broad range of skills to maintain adequate security and collaborate with teams of varying technical expertise. Learning is essential to simply keep pace in security. In a CISO Series podcast, Skillsoft CISO Okey Obudulu recently said,…

4 min read

The Needs of a Modernized SOC for Hybrid Cloud

5 min read - Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire classes of threats. Now we are seeing the emergence of technologies such as attack surface management (ASM), which are starting to help organisations get more proactive and focus their efforts for maximum…

5 min read