Reporting to CEO reduces risks and costs, but change comes slowly

An increasing number of experts are urging companies to stop having the CSOs and CISOs report to the CIO in order to reduce conflict of interest, risk, even downtime and financial losses, but there hasn't yet been much evidence of progress.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

An increasing number of experts are urging companies to stop having the CSOs and CISOs report to the CIO in order to reduce conflict of interest, risk, even downtime and financial losses, but there hasn't yet been much evidence of progress.

In most organizations, the CIO and the CSO have very different objectives. And, in fact, those objectives may be directly opposed to one another.

"When the security team reports into the CTO or the CIO, the security team has traditionally been known as the 'no' team, and the job of the CIO or CTO is to build products, to build technology," said Aleksandr Yampolskiy, co-founder and CEO at SecurityScorecard.

To continue reading this article register now

Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.