The chief information security officer (CISO) role is evolving as they embrace their role as a cyber security leader and a business enabler, according to IDC’s recent global survey.
The survey also showed today’s CISO role is much different than assessing risks and security programs, but also ensuring security practices fully align with business objectives. The digital transformation ushered in the birth of a modern CISO, one that can balance business needs with technical practice strategies.
Kristin Owens, VP of Corporate Marketing at Check Point said, “This landmark survey helps cement what security and IT leaders around the globe believe about their roles, responsibilities, and realities on the job. It confirms that CISOs have evolved from a security head to also being a key enabler of business growth initiatives.”
Balancing act
The study on 847 security leaders across 17 countries revealed that CISOs are balancing business goals and maximising technologies such as networks, clouds, and endpoints.
The study also revealed that the CISO role is also expanding from being an enabler and guardian to wearing the hats of a legal and compliance advisor, risk manager, auditor, customer support leader, and chief communicator.
CISO vs CIO
The survey also showed that the CISO and chief information officer (CIO) are not always on the same page with IT and security priorities and have different opinions on the role a CISO plays in business.
Cybersecurity and vulnerabilities are on top of CISO’s priorities, while CIOs are more focused on ensuring business continuity, minimising disruption, and seeking faster response times from IT.
“Even though I’ve been an analyst covering the cybersecurity sector, I was surprised by the results, particularly the complex relationship CISOs have within their organisations. The survey insights confirm and dispel what we believed about the CISO role and how far it has evolved,” said Frank Dickson, Program VP of Cybersecurity Products at IDC.