Do you think the CISO role is becoming more technical or less technical, relatively speaking?

Leadership Security & GRC

More technical44%

Less technical44%

Neither12%

Unsure…

26 PARTICIPANTS

259 views3 Comments

Sort by:

CISO| Legal & Regulatory APAC lead in Media4 months ago

In my thoughts,
The role of the Chief Information Security Officer (CISO) has been evolving significantly over the years. While it traditionally focused on technical aspects of cybersecurity, it has increasingly taken on more strategic and business-oriented responsibilities.

The CISO role still requires a deep understanding of technical cybersecurity measures, especially with the rise of sophisticated threats and the integration of advanced technologies like AI and machine learning. Technical expertise remains crucial for implementing and overseeing security protocols and responding to incidents.

Principle Consultant in IT Servicesa year ago

It depends on the size of the organization. I have seen smaller organizations with CISO which are very technical. As organizations grow, the CISO will need to be less technical to talk to senior leadership. Being able to talk technical helps understand how security is implemented.

Sr. DIR GRC in Mediaa year ago

A CISO may not need to be highly technical to execute the role, but being technical is a tremendous advantage, and I see it as a big plus when I interact with a CISO.

Content you might like

From your POV, what’s the current state of your resources/funding for data security governance efforts, overall?

Excellent (more than enough)11%

Good (we have enough to reach our goals)52%

Acceptable (could be better but we make do)34%

Poor/unacceptable (more funding needed ASAP)3%

Unsure / other

View Results

Are software engineering managers at your org required to complete training on DevSecOps/secure development?

Yes - managers must complete training50%

No - training is available but it is not required 41%

No - training is not available and not required for managers8%

Other

View Results

How have you dealt with employee pushback on the addition of new controls, especially for monitoring? Do you address their concerns around privacy, etc, proactively to get their buy-in?

I’ve been digging into ways to strengthen Zero Trust on IBM i systems, especially as more orgs shift toward hybrid cloud. I’m curious, how are others approaching threat detection around shadow AI use and supplier exposure in these environments?

Our company deeply entered in the Microsoft world (EntraId, M365, Azure). Microsoft is publishing, in particular, a compliance dashboard and security dashboard. How are you using them and which kind of governance are you putting around them?

Do you think the CISO role is becoming more technical or less technical, relatively speaking?

Sort by:

Content you might like

From your POV, what’s the current state of your resources/funding for data security governance efforts, overall?

Are software engineering managers at your org required to complete training on DevSecOps/secure development?

How have you dealt with employee pushback on the addition of new controls, especially for monitoring? Do you address their concerns around privacy, etc, proactively to get their buy-in?

I’ve been digging into ways to strengthen Zero Trust on IBM i systems, especially as more orgs shift toward hybrid cloud. I’m curious, how are others approaching threat detection around shadow AI use and supplier exposure in these environments?

Our company deeply entered in the Microsoft world (EntraId, M365, Azure). Microsoft is publishing, in particular, a compliance dashboard and security dashboard. How are you using them and which kind of governance are you putting around them?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go