Five Reasons Why CISOs Should Report To CEOs
Forrester, February 21st, 2023
For this research, we examined Forrester data on CISO reporting and organizational structures: CEO- and board-aligned; IT-aligned; and risk-aligned.
CEO- and board-aligned CISOs report directly to the CEO or a board-level committee; IT-aligned - the most traditional approach - report into CIOs or other IT leaders; and risk-aligned leaders report into another C-level executive such as a general counsel, COO, or CFO, though most of our sample reported into a chief risk officer, hence the nomenclature.