If your company has a CISO, then it’s probably also got a CIO — Chief Information Officer — and maybe even a Chief Technology Officer (CTO). The CISO may report to the CIO, and the CTO likely does too.Ideally, the holders of these three jobs would work harmoniously together. But they’re often at odds because the roles almost seem designed to work at cross-purposes.”There’s a big disconnect between the CIO, the CTO, and the CISO,” says Theresa Lanowitz, Chief Cybersecurity Evangelist and Head of Thought Leadership at LevelBlue, a managed security service provider jointly formed by AT&T and WillJam Ventures. “The CTO is all about innovation and doesn’t really put much emphasis or focus on risk. The CIO is assuming that everybody else is managing risk, and the CISO is the one who’s saying, ‘No, you can’t do this.'”The CIO also has to bridge the gap between the CISO and the CTO while at the same time supervising the IT staff, pitching the top brass for budget increases and taking the long-term view of how technology can help the organization.This clash of roles can hold back a company’s efforts at cyber resilience, which is defined as its ability to rapidly bounce back from a…
