So just what can CISOs do to blend in better and gain more respect?
For starters, they need to embrace the reality that almost all executives make risk-based decisions. With this in mind, CISOs can expand executive appetite for risk to include security technologies in support of business endeavors. CISOs should frame discussions to say that containing security risk improves the odds of good business outcomes.
Despite challenges, it’s only a matter of time before even more CISOs sit on the boards of public companies, raising the level of awareness and understanding of how to manage the operational and business risks associated with cybersecurity governance. In time, more experienced CISOs will be sought after to chair board of directors' risk committees, and that is a good thing.
- See more at: https://www.rsaconference.com/blogs/the-life-of-a-ciso-in-the-c-suite
Nobody needs to tell CEOs today that they can ill afford to be exposed to sophisticated cyberattacks or that defense against these attacks is the responsibility of the C-suite. Therefore, it’s no surprise that chief information security officers (CISOs) are rapidly becoming integral parts of corporate leadership teams. Rising stature doesn’t make their job any easier, however, as they still face significant challenges. The cost of a cyber intrusion and accompanying data theft can be huge, and corporate reputations can be sullied. CISOs are under pressure to do the best job possible. And higher expectations of performance, and other lofty responsibilities, will only increase in coming years. CISOs will have to become more proficient in data privacy matters and position cybersecurity as a business enabler.