How many direct reports away from the CEO is the senior-most security executive?

Direct report11%

125%

232%

318%

49%

>53%

1123 PARTICIPANTS
13.3k viewscircle icon3 Upvotescircle icon6 Comments
Sort by:
Director Certifications in Education5 years ago

The senior-most security executive is the CISO.  For most organizations, I recommend reporting directly to the CEO.

Lightbulb on1
Group Chief Information Officer in Construction6 years ago

The answer of this question is vary depending on our industry and maturity of the corporate

Lightbulb on2 circle icon4 Replies
no title5 years ago

This is a very good question, and Ali is right depend on the industry and if the company is publicly traded. My experience is the CISO should report administratively to the CIO, but have a direct report to the CEO. The reason  is that the CEO needs to hear directly from the security guy, this prevent the CIO from sugarcoat the state of security in the organization.

no title3 years ago

Help me understand why a CISO should report administratively to the CIO. <br><br>If a CISO should have a direct report to the CEO, why shouldn’t the CIO report to the CISO and solve this multi-reporting structure?

Lightbulb on1

Content you might like

Yes - I can't wait to see my coworkers. It will help with my day-to-day job role.60%

No - I like the established routine I made during the COVID-19 pandemic and I'm not interested in changing that.39%