CISOs are taking on a bigger role as companies need tighter security. The CIO use to be prominent in that role, but times change. According to Kelly Sheridan in an article for Dark Reading, CIOs and CISOs need to build a relationship as things evolve to accommodate the changes occurring.
CIOs propel business forward through leadership, vision, and IT implementation, and the CISO has the critical role in providing insight and guidance to ensure the strategy is secure. In this way, the CISO’s role is becoming more important in the relationship with the CIO. And security is becoming increasingly complex. Corporate networks are dense and supporting more connected devices than ever as BYOD programs are growing.
Hackers are using more sophisticated methods to breach organizations and steal data. CISOs need to identify the vulnerabilities and advise the CIOs. The CISO provides guidance while working along with the CIO reviewing road maps and looking at systems and data throughout the organization.
There is no standard structure and every company is different. But in most cases the CISO reports directly to the CIO, and they are becoming more empowered to veto key strategic decisions. “The CISO has a seat at the boardroom table,” says Dawn-Marie Hutchinson, executive director for Optiv’s Office of the CISO. “They’re saying, ‘Let’s talk about what the business is doing strategically and how we can enable that functionality.'”
As this was once the responsibility of the CIO, CISOs are getting more face time with board members and execs, taking over as priority is set to security issues and projects:
As the CISO becomes critical to business decisions, the CIO’s role is changing, says Hutchinson. The CIO is more frequently being relegated to operational tech and handling issues like outsourcing, cloud usage, and network availability — all issues driving them away from security.
You can access the original article here: http://www.darkreading.com/careers-and-people/cio-ciso-relationship-continues-to-evolve/d/d-id/1327226