The Business of Security #38 – Succession Planning, with John Checco

In this episode, guest John Checco, Resident CISO at Proofpoint, makes a compelling case for CISO succession planning. As John takes us through his journey as a CISO, we learn how companies factor skills, background, and strengths into their short to long-term succession plans.

The average estimated tenure of a CISO is only 26 months.  85% of surveyed CISOs  say they are now looking for another role or would consider an opportunity if presented. Unless you take aggressive retention action, it is only a matter of time before you are recruiting again. We discuss the tenets of succession planning, how to find a successor, and what transferring ownership entails.

John gives us deep insight into relationship handoffs, which often involve organizations and personnel, both internal and external. We identify a successor’s essential qualities, including leadership skills, organization ability, knowledge and experience, and cultural fit. In addition to primary skills, we discuss secondary skills such as project management, administrative competence, and background diversity.


John Checco, Resident CISO @Proofpoint


Josh Bruyning, Solution Engineer @TrustMAPP and Chad Boeckmann, Founder/CEO @TrustMAPP


TrustMAPP (