Information Security

Defending the digital infrastructure

peshkova - Fotolia

The chief information security officer role grows in stature

No longer do CISOs hunt for a seat at the decision-maker's table. But with increased recognition of their vital role comes vast responsibilities and need for a big skill set.

A single, definitive explanation of the chief information security officer role does not exist, at least not yet. For many years, CISO responsibilities were part of the job portfolio of some senior exec or, more likely, a senior member of the IT department. But that's changing, and fast. Why? Cyber intrusions with massive theft of information and intellectual property, and the rise of new exploitation methods -- including ransomware, advanced persistent threats and insider threats -- to name just a few. These and other developments -- not the least of which is the internet of things and its impact on corporate information security -- are raising awareness of the central importance of information security. 

This puts the CISO role in the spotlight in a way not seen before. It's been awhile since companies began to move their CISOs out of the IT department and into the C-suite, putting them on par with CIOs, but not all corporations have followed suit. Now, though, the need for an executive-level security person is getting increasingly obvious.

The chief information security officer role is rapidly maturing from being IT-centric to becoming an integral part of a holistic risk management framework with access to the highest levels of the organization. This relatively recent evolution makes the chief information security officer role a complex one, and not easy to fill. It requires advanced technological knowledge, business acumen, and a set of cybersecurity skills that needs constant updating. The new edition of our quarterly Information Security magazine supplement examines the job of CISOs in its latest iteration and delves into closely related issues, such as the difficulty of finding the combination of security and IT skills desperately needed now. 

Article 4 of 4

Next Steps

Why it's vital for the CISO and the CFO to collaborate

Stronger together: How to build a CISO-CIO partnership

How the internet of things affects CISOs

This was last published in October 2017

Dig Deeper on Careers and certifications

Get More Information Security

Access to all of our back issues View All