Who should have the ultimate responsibility for cyber security - the CIO or the CISO?
Sort By:
Oldest
Chief Security Officer in Software6 years ago
CISOCIO in Software6 years ago
CISO unless the CIO has a very strong background in Cyber Security
CTO in Software6 years ago
CISO
CTO in Software6 years ago
The entire company, including the BoardCxO and Startup Advisor in Software6 years ago
This is by far the best answer here...
Chief Security Officer in Software6 years ago
I’ll add to my original comment. If a company is mature enough then I still think the CISO, but in a lot of cases, depending on who has the most business/technology responsibility, it is usually the CTO or CIO. At my last 2 companies it has been the CTO. CTO in Software6 years ago
I don't understand the context around a company being mature enough, or not, for security to be a first-class citizen. That will never be solved by reporting structure, and security, as I at least previously implicitly said, needs to be embedded into the entire DNA of a company. Compliance != Security Chief Security Officer in Software6 years ago
Completely agree Mike and I think that is what all security pros strive for, but that isn’t always the reality. However, some organizations just haven’t figured out the priority of security.