Security News > 2021 > January > CISO Conversations: Intel, Cisco Security Chiefs Discuss the Making of a Great CISO
In this installment of SecurityWeek's CISO Conversations series, we talk to two veteran security leaders in the technology sector: Brent Conran, CISO at Intel Corp., and Chris Leach, Senior CISO Advisor at Cisco Systems.
"When I first started as a CISO, some 20 years ago, I reported to the CIO - and that made sense. But as the CISO role and accountability have evolved, so the reporting structure needs to change as well. Whoever controls the security budget controls the security - and the CIO has different priorities." CIOs want smooth computing; CISOs want secure computing - and the two concepts are not always fully compatible.
"If, as a CISO, you continually raise a hand to escalate issues - and assuming the reporting is to a CIO who has different priorities and ignores you - what can you do? If there is a subsequent breach, it is the CISO who bears the mark of that breach on his CV, forever.
If the CISO is going to take the blame for a failure, he needs to be given the authority to prevent it.
The CISO must be able to sit down with business in a consultative manner, and say, 'I understand where you're trying to go - let me explain the best way to get there.
Asked outright whether the CISO needs to be a businessman or a techie, he replied, "I don't understand the question.
News URL
Related news
- CISOs don’t invest enough in code security (source)
- GitHub CISO on security strategy and collaborating with the open-source community (source)
- CISOs are juggling security, responsibility, and burnout (source)
- Zscaler CISO on balancing security and user convenience in hybrid work environments (source)