Security News > 2021 > January > CISO Conversations: Intel, Cisco Security Chiefs Discuss the Making of a Great CISO
In this installment of SecurityWeek's CISO Conversations series, we talk to two veteran security leaders in the technology sector: Brent Conran, CISO at Intel Corp., and Chris Leach, Senior CISO Advisor at Cisco Systems.
"When I first started as a CISO, some 20 years ago, I reported to the CIO - and that made sense. But as the CISO role and accountability have evolved, so the reporting structure needs to change as well. Whoever controls the security budget controls the security - and the CIO has different priorities." CIOs want smooth computing; CISOs want secure computing - and the two concepts are not always fully compatible.
"If, as a CISO, you continually raise a hand to escalate issues - and assuming the reporting is to a CIO who has different priorities and ignores you - what can you do? If there is a subsequent breach, it is the CISO who bears the mark of that breach on his CV, forever.
If the CISO is going to take the blame for a failure, he needs to be given the authority to prevent it.
The CISO must be able to sit down with business in a consultative manner, and say, 'I understand where you're trying to go - let me explain the best way to get there.
Asked outright whether the CISO needs to be a businessman or a techie, he replied, "I don't understand the question.
News URL
Related news
- AI’s rapid growth puts pressure on CISOs to adapt to new security risks (source)
- Cisco’s Splunk Acquisition Should Help Security Pros See Threats Sooner in Australia and New Zealand (source)
- CISOs pursuing AI readiness should start by updating the org’s email security policy (source)
- Security and privacy strategies for CISOs in a mobile-first world (source)
- The Annual SaaS Security Report: 2025 CISO Plans and Priorities (source)
- eBook: CISO guide to password security (source)