Cybersecurity has never been more challenging or vital. Every organization needs strong leadership on cybersecurity policy, procurement and execution — such as a CISO, or chief information security officer.
A CISO is a senior executive in charge of an organization’s information, cyber and technology security. CISOs need a complete understanding of cybersecurity as well as the business, the board, the C-suite and how to speak in the language of senior leadership.
It’s a changing role in a changing world. But do you really need one?
How Prevalent is the CISO Title in 2023?
Many companies actually choose to not have a full-time, in-house CISO. A Navisite survey found that a whopping 45% of companies do not employ a CISO.
While the job has to be done, it doesn’t necessarily have to be done by a CISO. Some companies assign parts of that role to a chief information officer (CIO) or chief security officer (CSO). Some believe that a CIO or CSO title carries more weight with a board.
It helps when your head of cybersecurity sits on the board, so the board sees them as an influential equal. Yet only 12% of CISOs have seats on their company’s boards of directors.
And it matters whom the CISO reports to — the CEO, CIO or CFO. The org chart can help or hinder the project of making sure divisions work in harmony toward the goal of maximizing cybersecurity.
