Who should have the ultimate responsibility for cyber security - the CIO or the CISO?

Strategy & Architecture Team & Organizational Design

25.3k views3 Upvotes19 Comments

Sort by:

IT & Strategy Advisor || Digital & Enterprise Architecture Consultant in Consumer Goodsa year ago

The ultimate responsibility of cyber security risk management lies with CISO. While cybersecurity is mostly related to attacks on IT assets, it beyond IT to OT as well. CISOs in many organisations also are responsible for managing potential cyber threats due to vulnerabilities that points in critical infra structure of Operational Technology (OT) that controls it.

Ideally CIO and CISO roles are generally peers in matured organisations for CISOs function to be more effectively. Typically, CIO reports into CFO or CEO depending upon organisation structure. CISO reports into CRO (Chief Risk Officer) or directly into CEO.

VP of IT in Media3 years ago

CIO of course…

CIO in Education3 years ago

CIO

CEO in Services (non-Government)3 years ago

CISO

Group Chief Information Officer in Construction6 years ago

Every single employee, all executives and board members

Content you might like

What the best AI model you can think of to build a competitive advantage in your business ?

Open Data with Open AI model22%

Private Data with Open AI model64%

Open Data with Private AI model9%

Private Data with Private AI model4%

View Results

When building your data and analytics team, what factors have the most influence on the amount and types of roles that you need to fill?

Amount of data debt18%

Budget58%

Business strategy51%

Company size24%

Data/analytics architectures31%

Data sources30%

Data strategy29%

Industry12%

Operating model14%

Organizational structure9%

Technology stack17%

Other

View Results

What are the fundamental leadership capabilities that are needed for an era of exponential technology and AI innovation?

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented

Who should have the ultimate responsibility for cyber security - the CIO or the CISO?

Sort by:

Content you might like

What the best AI model you can think of to build a competitive advantage in your business ?

When building your data and analytics team, what factors have the most influence on the amount and types of roles that you need to fill?

What are the fundamental leadership capabilities that are needed for an era of exponential technology and AI innovation?

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented

What are some signs that indicate the IT operating model isn't well-defined, even if the org chart looks perfect?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

2024 Software Engineering Priorities and Challenges

Unlocking the Potential: GenAI's Impact on Product Innovation and Growth

Take Your Insights On-the-Go