Most CISOs are taking on responsibilities in the companies where they work They go beyond cybersecurity. This is reflected in an investigation carried out by IANS Research and Artico Search among more than 830 CISOs and other security managers with which they try to clarify the tendencies of these professionals, as well as the role of their position.
Among the additional roles they take on are several related to business risk, technology oversight and digital transformation. 3% of CISOs attribute the increase in their responsibilities to a greater reach within the company, while others point to an increase in the qualities necessary for their work.
The report divides CISOs into three groups. The first are the strategic ones (28% of the total), which stand out both in access to high-level managers and in influence on the board of directors. These professionals often align cybersecurity with broader business objectives.
The second, half of those consulted, are the functional CISOs. They have notable influence among senior managers and the board of directors, but they lack consistent visibility in both areas.
Finally, tactical CISOs (22%) are defined as technical support practitioners at the administrative level. They have limited access to senior management positions, and do not interact frequently with the board. Strategic CISOs earn a significantly higher salary than those in the other two groups. So much so that it can be 57% higher.
Currently, there are only 47% of these professionals who interact with the boards of directors of their organizations on a monthly or quarterly basis. 42% meet with them when necessary, or never. However, CISOs with regular access to the boards, and with visibility among management, claim that they have a higher level of satisfaction with their jobs than those who do not have access to the board.
Nick Kakolowski, Senior Research Director, IANSpoints out that «The role of CISO is undergoing major changes. They are no longer just security leaders, but are increasingly vital strategists for the business. As their responsibilities expand into areas such as business risk and IT oversight, the ability to align cybersecurity with organizational goals is what makes transformational leaders stand out from others. Those who manage to address these additional responsibilities effectively are redefining their role as indispensable to the success of the business, amplifying their influence and driving greater impact in the organization.«.
Steve Martano, de IANS Faculty y Artico Searchemphasizes that «With the scope of the CISO expanding and evolving, security managers continue to be seen as business managers rather than simply technical managers. Effective communication with senior management has therefore never been more important, as alignment between business strategy and security programming is essential for success and long-term agreements. This report demonstrates that board engagement and access to senior leadership is critical to shaping the future of a security program and a CISO’s career.«.
