[hn_throwaway_99]

I'm curious if anyone has any experience either as a "fractional CISO" or at a company who had one.

CISO is famously a "sacrificial lamb" sort of job, and it's certainly never one I would take on on a fractional basis (all of the risk but a lot less of the reward). I could understand having a fractional "security advisor" or "security lead", so maybe I'm just arguing about semantics, but again I'm primarily just interested in hearing about real world experiences with this sort of arrangement.

[jcims]

I know someone who actually enjoyed the fractional CISO role. Unless your goal is to move to a less expendable CxO role I actually see it as less of the risk and more of the reward.