CISO vs CFO: Why Are The Conversations Difficult?
CSO Online, Monday, May 5th, 2025
Bridging the gap between CISOs and CFOs means ditching old stereotypes, speaking the same language, and turning cybersecurity from a budget battle into a blueprint for business growth.
When CISOs walk into budget meetings, they often ask for money to prevent abstract disasters: events that haven't happened and hopefully never will. Unlike other executives who can draw a clear line between funding requests and generating revenue for the organization, CISOs deal in hypotheticals. They talk about potential ransomware attacks or data breaches that could expose sensitive customer and company information.
This is why convincing CFOs to invest heavily in cybersecurity to mitigate such threats can be difficult. More often than not, the conversation is riddled with frustration, miscommunication, and crossed wires. While CISOs frame cybersecurity as essential protection against looming threats, CFOs seek measurable returns and tangible outcomes, which can leave both sides struggling to find common ground.