CIO OPINION
Breach report estimating the average global cost at US $ 4.35 million , no organization can afford to take cyber lightly . cyberdefenses . Celebrations for a short development cycle and successful product launch will be undermined if leaky security causes a significant breach .
Additionally , CISOs have begun to catch up to CIOs as influential business leaders , undergoing the same transition from technical specialist to innovator and revenue generator .
Gartner reports CISO ’ s have become ‘ key enablers of digital business and are accountable for helping the enterprise balance the associated risks and benefits ’ due to their role in measuring , prioritizing and improving the enterprise ’ s security posture .
With IT and security often already at odds , this expanded role could lead to more conflict as the two departments compete for budget and boardroom attention .
Alternatively , IT and security could work together , complement each other ’ s capabilities , and pool their talents to help their company unlock digital opportunities without inviting in cyber-risk .
Meanwhile , security teams should consider their IT counterparts a telemetry system for cyber-risk . Working closely with the IT department will give security pros more feedback and insight into the workforce ’ s security and productivity needs .
Cultural change generally comes from the top down , so CIOs and CISOs need to take the lead in opening up communication and collaboration .
CISOs can slot into the business hierarchy in multiple ways . A study by PwC found the majority ( 40 %) of CISOs now report to the CEO . Other common options are for the CISO to report directly to the board or the CIO .
Having both the CIO and CISO report to the CEO is thought to help reduce friction since it puts the departments on equal footing .
So how do we get these two departments on the same page again ?
There must be a shift in mindset so that IT and security teams regard each other as partners .
The IT department needs security because , while speed is important when developing and deploying applications , it must not jeopardise the organization ’ s
CISO ’ s have become ‘ key enablers of digital business and are accountable for helping the enterprise balance the associated risks and benefits ’.
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 45