top of page

Please click the button below for the Program Overview and Nomination Form.

Nomination and Awards Details

Awards Overview

Starting in 2022 two different awards will be presented – “ENTERPRISE” for CISOs from organizations with more than $4B USD in revenue and “MID-CAP” for those from organizations with less than $4B in revenue. If a CISO does not have company-wide responsibilities, the combined revenue of the business units under their remit will be used to determine the award for which they’ll be considered. 

Process Summary

Nomination is an open process that can be initiated by anyone with direct experience working with the nominee. Submitted nominations are reviewed by the Head of the Judges Committee to ensure that the nominee meets the requirements laid out in the Nomination Form. Nominees demonstrate their competency and achievements through a multi-staged process that includes a detailed written questionnaire, and a series of formal and informal interviews with a panel of industry peer-level judges. The program spans over five months and culminates with a final interview and selection process completed by a panel of local area CEOs. The CISO of the Year winner is announced at an Awards Ceremony held in October of the same year.

Nominee Evaluation Process

  1. Nominees are submitted to the program by the community.

  2. Anyone who has a direct working relationship with a CISO can nominate that individual for the CISO of the Year Program.

  3. Participation in the program requires the explicit agreement from the nominee.

  4. Nominee fills out a multi-page application covering multiple topic areas relevant to the Information Security profession and community.

  5. Each nominee will be assigned at least two judges to conduct a 60-90 minute interview. These interviews are strongly preferred, but not required, to be in person.

  6. Judges evaluate both the written and verbal submissions as compared to other nominees.

  7. Scores of all nominees will be evaluated, discussed, and calibrated by the Judges Committee (JC). The JC consists of all volunteer CISO peer group judges.

  8. The Head of the Judges Committee (HJC) will facilitate the calibration sessions with a focus being on the four nominees with the highest scores.

  9. The HJC does not submit scores for any nominees.

  10. If two nominees have the same score, the tiebreaker is decided by the HJC and is determined by the nominee’s participation in the program (quantity and engagement level).

  11. The two nominees with the top scores in each category will advance to the CEO evaluation round where the winner is selected.

  12. CEOs will interview the two finalists in each category and select the winner.

  13. Tie-Breaker Rule: If the CEOs deadlock, the finalist with the highest score wins. If both finalists have the same score, the HJC will select the winner.

Nomination Requirements

  1. Individual submitting nomination has direct experience working with Nominee.

  2. Goods or services have not been exchanged or promised for nomination.

  3. Nominations must be submitted to no later than July 30th.

Nominee Requirements

  1. Nominee leads the Information Security program for the organization (CISO or equivalent).

  2. Nominee has been in role for a minimum of 12 months at the time of nomination.

  3. Nominee remains active in role until the end of September of the Award year.

  4. Nominee's organization is based out of or has a significant office presence in the Chicago Area.

  5. Nominee's primary work location is in the Chicago area.

bottom of page