Donald E Hester
The Importance of the CISO
A survey by ThreatTrack demonstrates that the role of CISO is misunderstood and underappreciated by C-Level peers. It seems business executives do not have confidence that the CISO understands the business. It seems many executives make business decisions that have cyber risk without input from their CISO. Or the responsibility of cyber risk management and compliance is placed with the head of IT (CIO or director). Often the head of cybersecurity does not have an audience with the business decision-makers because they are too far down the organization hierarchy to be useful or even heard. This increases the disengagement between cybersecurity and the organization. In the end, this tangibly hurts the organization.
Many exe