Do CISOs Want to Split Their Role

in #cybersecurity4 days ago


A recent report by Trellix indicated that due to growing complexity, responsibility, and regulatory accountability, a majority of CISOs believe their role should be split into separate positions.

This finding struck me as a little odd. It seems counterintuitive that CISOs really want their role split between technical aspects and cyber risk leadership?

I cannot image this tactic been successful. First, nobody wants to add more C-level execs. That just complicates leadership circles. Secondly, the risk leadership role needs direct oversight of technical protective aspects, compliance, and behavior/policy, to properly understand and manage overall cyber risks.

I do however believe that depending on the size and complexity of the environment, the technical role should be a reporting function into the CISO. This is also true of other domains like GRC, threat intelligence, risks quantification, and perhaps even privacy!

I don’t see a positive outcome if any of these roles are separated from an existing CISOs oversight. It should not be a split, rather a purposefully designed hierarchical structure under the CISO that will make leader more capable and effective in navigating and steering the risks seas.

#business #technology #leadership #news
4 days ago in #cybersecurity by
$0.99
  • Pending payout amount: $0.99
  • Breakdown:
        0.00 SBD,
        2.68 STEEM,
        2.68 SP
  • Payout in 3 days
4 votes
Reply 1
Sort:  
  • Trending
    • [-]
     4 days ago 

    Not sure if that makes a lot of sense. Why limit your executive visibility?

    $0.04
    • Pending payout amount: $0.04
    • Breakdown:
          0.00 SBD,
          0.10 STEEM,
          0.10 SP
    • Payout in 3 days
    1 vote
    Reply

    Coin Marketplace

    STEEM 0.18
    TRX 0.16
    JST 0.030
    BTC 68328.66
    ETH 2639.93
    USDT 1.00
    SBD 2.68