Image: vegefox – stock.adobe.com
As security breaches continue to impact the bottom lines of major businesses and institutions around the world, the role of the chief information security officer (CISO) is taking on new prominence — and fueling existing controversies over where responsibility for data security ultimately lies within the organization.
Typically, the CISO function has reported to the chief information officer, but emerging trends in corporate management styles, such as the creation of chief digital officers (CDOs) at many organizations, are calling that hierarchy into question. In addition, some CIOs and CISOs feel that there is a natural conflict of interest between their two disciplines: While CIOs typically accelerate growth and adoption of digital technologies to streamline operations and drive revenue, CISOs tap the brakes in the name of security and privacy controls.
“As the business matures and understands that cyber risk is a business issue — not an IT issue — the powers-that-be will start realizing that having a CISO report to a CIO is an outright…
