What is the reporting line for Information Security in your organization?

Security Strategy & RoadmapFinancial ManagementPeople & Leadership+1 more

Via the CIO/CTO58%

Via the CRO28%

Via the CFO5%

Our CISO reports directly to the CEO7%

lock icon

Please join or sign in to view more content.

905 PARTICIPANTS
7.4k views4 Comments
Sort By:
Oldest
Director of Information Security in Energy and Utilities3 years ago
Would be interesting to see this trend over future years. Supposedly there's been a lot of talk over last few years that InfoSec should be reporting to someone other than CIO (to avoid conflict of interest issues) but reality is that that is still the most prevalent relationship and if it is changing then the pace of change is very slow. Curious if anyone has seen in their orgs this change?
Director in Manufacturing3 years ago
Ours was directly to CEO for years until a major breach and the CEO realized he wanted an extra layer of insulation from CISO and any blame. Now CISO and CIO report to CFO with a dotted line to CTO in Engineering
1
vp information technology in Consumer Goods2 years ago
CISO is a risk manager and as such should report to COO, GC, CFO or CEO. What say you all?
Strategic Banking IT advisor in Bankinga year ago
For years, Security has been part of IT.  But since 3 or 4 years, the team is not directly under the CEO.   Which makes sense since Security isn't only IT.   It includes physical security (offices, buildings, employees), risks, cybersecurity, data protection, etc.

Being under the CEO is also giving them a total independance over IT or LOB.

Content you might like

What is your primary deciding factor in adopting enterprise search?

Strategy & ArchitectureCloudEnd-User Services & Collaboration+26 more

TCO19%

Pricing26%

Integrations21%

Alignment with Cloud Provider7%

Security10%

Alignment with Existing IT Skills4%

Product / Feature Set7%

Vendor Relationship / Reputation

Other (comment)

View Results
5.7k views3 Upvotes1 Comment

If you have had a negative experience with a vendor (without naming the vendor), what did you learn from it?

Financial ManagementVendor Management
VP of Global IT and Cybersecurity in Manufacturing6 years ago
Have clear business requirements up front, make sure the proposal includes items such as scope, timeline, cost, resources.
Read More Comments
22.1k views3 Upvotes28 Comments

What’s on your IAM roadmap for the next 18-24 months?

Identity & Access Management (IAM)Threat & Vulnerability ManagementSecurity Strategy & Roadmap
Director of IT in IT Services4 days ago
Implementation of Zero trust architecture, its modules across the organisation is a priority for us. So, we will be implementing zero trust strategies in IAM, inline with overall strategy.
1.4k views1 Comment

How will your team's headcount change in 2020?

Talent Management & PerformanceFinancial Management

Increase47%

Stay Flat45%

Decrease6%

View Results
2.5k views4 Upvotes

What have been your experiences with using OData with Java and/or .Net?

Applications & PlatformsDatabaseEngineering+1 more
243 views2 Upvotes