Home

Does the CIO/CISO reporting structure undermine security at an organization?

Does the CIO/CISO reporting structure undermine security at an organization?

Top Comment: The question is vague. Do you mean that the CISO reports to the CIO?. View poll results (584 responses)

846 views
584 responses
1 upvotes
Yes59%
No41%
Related Tags
Anonymous Author
The question is vague. Do you mean that the CISO reports to the CIO?
0 upvotes
Anonymous Author
It depends… industry, IT/IS alignment to industry, and size of company all matter. CISO reporting to CIO could align and deliver great results with the right team, but given the CISO can (should IMHO) have responsibilities outside the CIO portfolio, it’s not ideal. Additionally, it suggests that the progression is from CISO to CIO and if you talk to CISOs I’m not sure you’ll find that. However, depending on the sea of tech related C-suites it may make sense. CIO, CTO, CDO, the other CDO, CISO, and more can be a lot. In the end, CIO and CISO as peers have huge advantages, but the organization needs to value this and have the attention for both.
0 upvotes