shutterstock-297863984
Security

Will the CISO surpass the CIO?

This is a contributed piece by J.J. Guy, senior director of cloud engineering at Carbon Black

In recent times many security leaders in organisations were promoted from a mid-tier manager to the CISO. Security was considered as “just one more job” of the IT department, so the manager who owned security took the CISO title but continued to report to the more senior CIO.

As businesses learned security was more about overall business risk than simply a function of technology, the reporting chain for CISOs started to move outside the CIO’s organisation and CISOs began reporting to the CEO, CFO or COO. 

It was a mistake when CIOs created the CISO role and then moved it out of their organisation. Collectively, CIOs missed an opportunity to take responsibility for security when the CISO role was created. If CIOs had taken ownership of security and evolved their organisations, there would have been no need to distinguish them from CISOs, let alone create two separate organisations: one for IT and one for security.

To continue reading...


PREVIOUS ARTICLE

« News Roundup: Are we about to start mining the ocean for raw smartphone materials?

NEXT ARTICLE

Advice from a CISO: We have traditionally failed at leadership »
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail

Recommended for You

How to (really) evaluate a developer's skillset

Adrian Bridgwater’s deconstruction & analysis of enterprise software

Unicorns are running free in the UK but Brexit poses a tough challenge

Trevor Clawson on the outlook for UK Tech startups

Cloudistics aims to trump Nutanix with 'superconvergence' play

Martin Veitch's inside track on today’s tech trends

Poll

Is your organization fully GDPR compliant?