“CISO of the Year” honors two innovators who are making cyber life safer and easier

One of the highlights of this year’s CIS Compliance Summit was once again the “CISO of the Year” award – a prize presented by the state-accredited certification organisation CIS – Certification & Information Security Services GmbH to the best security information experts (Chief Information Security Officer) in the industry. This year, the coveted industry award went to two candidates: Richard Thron from Lower Austria, Head of Information Security at Umdasch Group AG, and Fabian Cholewa from Germany, CISO at Software GmbH in Düsseldorf.“CISOs often perform at the highest level, full of innovation, thoughtfulness and pragmatism. The irony of the role is that all too often it becomes less visible the more successfully it is performed. That is why it is important to us to bring these experts and their successes to the fore once a year, to honour them and celebrate their achievements,” says Harald Erkinger, Managing Director of CIS – Certification & Information Security Services GmbH. The aim of the annual “CISO of the Year” competition is therefore to put the achievements of this now indispensable management function in the spotlight and at the same time provide inspiration for other CISOs.

An independent panel of experts will make the shortlist and decision from all the entries. “We were particularly impressed by the leadership performance, measurable added value and networked commitment to the security community of this year’s award winners,” said Simon Tjoa, jury chairman and IT security researcher at St. Pölten UAS, who presented the award winners in front of more than 250 trade visitors.

Under Thron’s leadership as CISO, Umdasch Group AG has taken a strong role in developing and implementing innovative awareness initiatives that raise awareness of cyber security and promote a security culture of proactivity. His nomination is a successful example of how comprehensive the responsibilities of CISOs are on a day-to-day basis. He not only introduced monthly phishing simulations in the company, he also implemented secure code training, designed mandatory microlearning courses, organised “The hacker is in the house” events and implemented an information security management system (ISMS) in accordance with ISO 27001 – to name just a few of the countless measures for which he is responsible for the overall strategy. Thron was nominated for “CISO of the Year” by last year’s winner Marcel Lehner from Wiener Stadtwerke.

This not only reduced costs, but also achieved greater acceptance among employees thanks to the transparent approach. By automating processes, avoiding duplication and creating a central, automated control framework, Software GmbH was able to save several thousand hours under Cholewa and reduce the costs of existing audits by up to 50 per cent.

Detailed information on the competition and the application forms for the next “CISO of the Year 2025” competition can be found at www.cis-cert.com/ciso