Fortune 500 companies have seen the structure of their security operations teams evolve in recent years, with four of every 10 companies assigning a dedicated, deputy chief information security officer or an equivalent leadership role, according to a report released Thursday from IANS Research and Artico Search.
A deputy CISO steps in when the CISO is unavailable and is seen as the eventual successor to the CISO in the company’s risk management hierarchy, according to researchers.
“In practical terms, the deputy CISO often either holds a dual role as a functional department head who takes on additional executive leadership responsibility or operates as a chief of staff who also takes on CISO-like responsibilities that the CISO needs to delegate,” Nick Kakolowski, senior research director at IANS Research told Cybersecurity Dive via email.
Security team structures at Fortune 500 firms have expanded into at least four layers of specialists, according to the IANS-Artico report. The teams typically include leaders in security operations, managing identities and access, managing risk and compliance issues, and…
