Credit: ID 124165558 © Jozef Micic | Dreamstime.com
Cyber security teams feel more confident in delivering their mandates when they report to the CISO or CEO, rather than the CIO, the 2019 ISACA® State of Cybersecurity Survey revealed. The results of this study, which polled the perspectives of 1,576 security practitioners globally, are relevant as tightening regulatory pressures and rising consumer privacy expectations are pushing the CISO role to the top of corporate agendas.
Despite the rising significance of their roles, many CISOs are still inhibited from fulfilling their potential due to outdated reporting lines, with the majority still reporting to IT executives. As I have stated before, to effectively deliver their mandates, the CISO must have unrestricted access to the c-suite and the board. This arrangement offers four distinct advantages.
Firstly, it enables corporate directors to ask difficult and precise questions, giving them unfiltered visibility into exposures that threaten the viability of the enterprise and the adequacy of management response…
