New whitepaper from Professor Kieran Upadrasta offers boards a strategic lifeline as CISO tenure drops to an average of 18 months.
Paris, France– January 21, 2026 – As the average tenure of Chief Information Security Officers falls to a critical low of 18–26 months, organizations are increasingly facing dangerous "leadership vacuums." Addressing this volatility, globally recognized cybersecurity strategist Professor Kieran Upadrasta has today released “Commanding the Crisis: An Interim CISO’s 90-Day Roadmap to Boardroom Confidence.”
The whitepaper introduces a proprietary 90-Day Command Framework, a methodology designed to help interim leaders and Boards of Directors rapidly quantify risk, stabilize governance, and ensure regulatory compliance during the fragile period of executive transition.
The Strategic Gap "When a CISO departs, they don't just take their laptop; they take the institutional memory of the organization's risk posture," said Professor Upadrasta. "With new regulations like DORA and NIS2 coming into force, the gap between leaders is no longer just an operational inconvenience—it is a period of heightened vulnerability where strategic drift and regulatory penalties become likely. This framework turns that vulnerability into a period of rapid stabilization."
The 90-Day Command Framework The whitepaper details a structured, three-phase approach designed to deliver measurable results within a single fiscal quarter:
- Phase 1: Triage (Days 1–30): Immediate containment. Focuses on rapid enterprise risk assessment, stakeholder mapping, and plugging critical security gaps.
- Phase 2: Translation (Days 31–60): Shifting the narrative. Focuses on converting technical findings into financial terms the Board understands and aligning security priorities with business objectives.
- Phase 3: Transformation (Days 61–90): Future-proofing. Focuses on embedding sustainable governance and preparing the seat for the permanent successor.
Regulatory & Technical Scope Beyond leadership strategy, the paper provides technical guidance on navigating the current regulatory landscape, including DORA, NIS2, and AI Governance (ISO/IEC 42001), as well as applying FAIR methodology for risk quantification.
About Professor Kieran Upadrasta Professor Kieran Upadrasta is a cybersecurity authority with 27 years of experience in financial services and Big Four consulting (Deloitte, PwC, EY, KPMG). He currently serves as Professor of Practice in Cybersecurity, AI, and Quantum Computing at Schiphol University and is an Honorary Senior Lecturer at Imperials. An expert in international governance (ISO/IEC 27001, NIST, DORA), he specializes in helping boards navigate complex risk landscapes.
Availability The whitepaper “Commanding the Crisis: An Interim CISO’s 90-Day Roadmap to Boardroom Confidence” is available for immediate download at: https://drive.google.com/file/d/1kK64bVQO63DgVoCs_RAfoYXCsAT9CHO5/edit
Legal Disclaimer
The opinions expressed in this article are those of the author and do not necessarily reflect the views or positions of KISS PR or its partners. This content is provided for informational purposes only and should not be construed as legal, financial, or professional advice. KISS PR makes no representations as to the accuracy, completeness, correctness, suitability, or validity of any information in this article and will not be liable for any errors, omissions, or delays in this information or any losses, injuries, or damages arising from its display or use. All information is provided on an as-is basis.