CSO vs. CISO

The Different Roles
The role of a Chief Security Officer (CSO) is the top executive with responsibilities covering the entire security needs and challenges for a firm. Additionally, the CSO is responsible for communicating these security needs and challenges to company management.
 
This CISO role differs from that of a CSO since this position bears the responsibility for structuring security initiatives with security programs and business objectives. Given the increased threats and cyberattacks that are setting new records, the CISO is becoming a more critical and necessary position for many large companies.
 
A Developing Position
Imagine for a moment how it might feel for a highly qualified and experienced Chief Information Security Officer (CISO) to work in a corporate IT security environment where the respect level is clearly stacked against the CISO. Simply put, according to a recent research report, there's a definite lack of confidence from most C-suite top executives regarding the CISO's professional capabilities, potential, and corporate worth. 
 
The survey involved over 200 plus United States based C-Level corporate executives. The vast majority of participants gave a “thumbs down” when asked if CISOs deserved to be included in corporate leadership. A few participants went even further by firmly stating that their CISOs did not have the leadership skills for success in any type of position that did not involve issues such as network security, information security, and cyber attacks.
 
What's behind this pervasive and demoralizing atmosphere in organizations that range from SMBs to Fortune 500 firms? Why is there still a reluctance in many cases to hire a CISO only after a catastrophic hacking such as the data security breach with Neiman Marcus and Target?
 
Moreover, it's illogical that many CISO’s have very little involvement in risk management since their roles are largely restricted to operational functions and putting out fires. 
 
The Bottom Line is, What Gives?
Why are critical security decisions being made without an in-depth understanding of the intricate security risks involved and a clear understanding of a CISO's value? Is it simply a matter of "Don't bother me with those cybersecurity details"?
 
Regardless of the reason or reasons, the role of the CISO will only continue to grow, as cybersecurity costs escalate to record-high levels. The largest problem associated with this position is the lack of seasoned professionals.
 
Spending for cybersecurity is expected to exceed $1 trillion within the next 36 months. Furthermore, the shortfall of experienced cybersecurity professionals is predicted to exceed more than 1 million. The Cimcor 2016 State of Cybercrime Report  digs deeper into what this data truly means and helps illuminate the state of information security.  Learn more now.
 
The State of Cyber Security Report
 
 
 
 
 

Topics

Jacqueline von Ogden

Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".