Who should have the ultimate responsibility for cyber security - the CIO or the CISO?

25.4k views3 Upvotes19 Comments

Sort by:

IT & Strategy Advisor || Digital & Enterprise Architecture Consultant in Consumer Goods2 years ago

The ultimate responsibility of cyber security risk management lies with CISO. While cybersecurity is mostly related to attacks on IT assets, it beyond IT to OT as well. CISOs in many organisations also are responsible for managing potential cyber threats due to vulnerabilities that points in critical infra structure of Operational Technology (OT) that controls it.

Ideally CIO and CISO roles are generally peers in matured organisations for CISOs function to be more effectively. Typically, CIO reports into CFO or CEO depending upon organisation structure. CISO reports into CRO (Chief Risk Officer) or directly into CEO.

VP of IT in Media4 years ago

CIO of course…

CIO in Education4 years ago

CIO

CEO in Services (non-Government)4 years ago

CISO

Group Chief Information Officer in Construction7 years ago

Every single employee, all executives and board members

Content you might like

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented

What is the right platform/cloud services with of the shelf tools can be used to create enterprise GenAI SaaS in organization with multiple companies and subsidiaries?
In the target SaaS model, multiple APIs should be available to consume external LLM services, front end, prompt library that can be used by the end user, predefined data sources, Guardials and security controls.

Beyond budget and talent, what organizational dynamics are threatening execution? How are you addressing challenges such as misalignment with the business, lack of stakeholder understanding of technology imperatives, and regulatory complexity?

Is your organization considering Desktop as a Service (cloud desktops) as a way to deliver workspaces to your employees?

Yes66%

No23%

Already deployed10%

View Results

When evaluating data security solutions, which of the following is your top priority?

Solution cost11%

Effectiveness54%

End-to-end platform offering20%

Implementation6%

Integration4%

Solution management overhead2%

Other

View Results

Who should have the ultimate responsibility for cyber security - the CIO or the CISO?

Sort by:

Content you might like

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented

Beyond budget and talent, what organizational dynamics are threatening execution? How are you addressing challenges such as misalignment with the business, lack of stakeholder understanding of technology imperatives, and regulatory complexity?

Is your organization considering Desktop as a Service (cloud desktops) as a way to deliver workspaces to your employees?

When evaluating data security solutions, which of the following is your top priority?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

Building Inclusion into DEI strategy: Insights from HR Leaders

How Do Cybersecurity Leaders Address Employee Burnout?

Software Engineering Teams Plan to Scale Up Productivity

Maintaining Software Team Productivity During Downsizing

Take Your Insights On-the-Go