CISOs And Their Boards Of Directors: Viewing Cyber Risk Differently
Fortra, January 3rd, 2023
CISOs - the senior level executives responsible for developing and implementing cybersecurity programs for corporations and other organizations - are not happy campers these days. And it's not just because they are chronically understaffed and under constant pressure.
As it turns out, Chief Information Security Officers (CISOs) often don't see eye-to-eye with boards of directors on a number of fronts, even though boards have been taking cybersecurity more seriously and typically ask more sophisticated questions about risk exposure and management. This further adds to CISO frustration.
Things will likely get better eventually, partly because the Securities and Exchange Commission has proposed new rules for how public companies oversee cybersecurity and information technology. In addition, research firm Gartner predicts that 40 percent of boards will have a dedicated cybersecurity committee overseen by a qualified board member by 2025 - up from less than 10 percent today.