Cybersecurity needs to be at the heart of the digital transformation, but organisational models will have to evolve
The role of the CISO and their reporting line seems to be a continuing topic of discussion amongst cyber security professionals. It is increasingly a major source of concern in a world that is more and more “hyper connected” and where data is the real “fuel” the business needs to burn on its journey towards digital transformation. Often at the top is a Group CISO, but what could their role be in such a context? And how can it be made to work?
Keep appointing pure technologists in CISO roles and you’ll never win
The WannaCry ransomware attack that affected so many large...
It is astonishing to see the amount of interest still surrounding the reporting line of the CISO. The fact that it is still a topic of serious discussion amongst security professionals teaches us a few things about the role and its perception: Is the role properly established, identified and accepted in organisations? Or is it (still) seen as some form of arbitrary (and bureaucratic) imposition by regulators?
The reporting line of the CISO has to be at board level and must be driven by clear underlying objectives shared unambiguously by the CISO and their boss – whoever that happens to be in the organisation.