The realization is growing in the C-Suite that just one serious security incident or data breach could derail the growth and pro tability of their companies because of the cost to remediate, nes and legal fees, and customer loss. As a result of this awareness, the role of the CISO is growing in importance, as is the need to have an enterprise-wide IT security strategy that supports the company’s mission and goals.
This research on the evolution and in uence of the CISO is based on in-depth interviews with senior-level IT professionals (those with CISO level role and responsibility) at 184 companies in seven countries1 to represent a global footprint. This report presents the consolidated global ndings to better understand the nature of the CISO role and reveal insights, challenges, and approaches to security strategy in today’s global threat landscape.
Participants in this research agree that as cyber attacks and other threats increase in frequency
and sophistication, the CISO role will become more critical, especially in managing enterprise risk, deploying security analytics, and ensuring the security of Internet of Things (IoT) devices. However, to play a bigger role in their organizations, it is essential not only that CISOs have the necessary technical expertise and leadership skills, but also that they understand their companies’ operations and be able to articulate IT security priorities from a business perspective.