CISOs need to be forceful to gain leverage in the boardroom

2023-09-12 03:30

Over 70% of CISOs feel that the importance of information security is not recognised by senior leadership, according to BSS. The CISOs said their top four highest investment priorities in 2023 are change management, information security resilience, data security, and information security assurance and testing.

Of the 150 information security decision makers surveyed, 28% of CISOs agreed that the value of their role was recognised by the board.

9% said information security is always in the top three priorities on the boardroom's meeting agenda, identifying a worrying lack of buy-in to its importance for fundamental business operations.

From cloud transformation design, through to multi-person international change programmes in information security resilience and recovery, a structured process for evaluating a proposed system or service change is crucial.

With the correct frameworks in place, the trap of assuming the information security team will just cope with every change project can be avoided.

"CISOs need to be forceful and use business impact as ammunition to give them leverage in the boardroom to receive the resources and investment they need. It's high time CISOs are acknowledged as a vital enabler to commercial operations, with information security a part of every business decision."

News URL

https://www.helpnetsecurity.com/2023/09/12/cisos-role-boardroom/

#ciso