CISOs: You need to manage by 'walking around'

[InfoSec News <alerts () infosecnews org>]

https://venturebeat.com/2019/03/16/cisos-you-need-to-manage-by-walking-around/

By Joseph Schorr
Venture Beat
March 16, 2019

Chief information security officers (CISOs) today have replaced chief
information officers (CIOs) as the most under-valued C-level executives. In
fact, according to research from the Enterprise Strategy Group (ESG) and the
Information Systems Security Association (ISSA), nearly one-third (29 percent)
of corporations today still do not have a CISO role or its equivalent. And for
those that do have such a role, the CISO is often relegated to “glorified
administrator” status, rather than strategic business enabler.

This is why CISOs are almost always fired or “resign” after major data breaches.
When shareholders and customers demand blood following a breach, the CISO is the
sacrificial lamb, even if there is no realistic way the CISO could have
prevented the breach under the operating circumstances (which could include
insufficient budget, headcount, and business visibility). This is often a
self-defeating act, since the CISO is usually the most qualified person to
manage post breach forensics, cleanup, and compliance audits.

In many ways, the plight of today’s CISO mimics that of CIOs in the 1990s. Back
then, the CIO stereotype among business executives was “the guy crawling around
under the desk connecting cables.” And, like today’s CISO, the CIO was only
noticed when things went wrong. Today, CIOs have taken their rightful place in
the boardroom as digital business has become a key driver to business strategy
across industries. According to an IDC survey, at the end of 2017 two-thirds of
Global 2000 CEOs had digital transformation at the center of their corporate
strategy. (As Domino’s Pizza CEO Patrick Doyle has famously said, “We are a tech
company that happens to sell pizza.”)

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_