Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity Enterprise ServicesSecurity Leadership and Management

5 Minutes With

Business Information Security Officer: What Is This Role?

By Jordyn Alger, Managing Editor
5 Minutes with Bonavita
Bio image courtesy of Bonavita
July 17, 2026

Sometimes, staying informed on security trends as an executive means staying informed on business trends. Here, Chris Bonavita, VP Strategy and Technology Adoption at GTT, discusses the emergence and benefits of the Business Information Security Officer (BISO). 

Security magazine: Tell us about your background and career

Bonavita: Most of my career has been at the intersection of technology and business transformation. I’ve led technology platform sales at Accenture, run a large business process outsourcing operation that I helped transform from a premise-based model to a fully cloud-based one, and most recently built out specialized SD-WAN, SASE, and cybersecurity sales teams at Lumen Technologies before joining GTT. Here, I serve as Vice President of Strategy and Technology Adoption, accelerating GTT Strategic investments  to advance its networking and security as a service solutions on the GTT Envision platform. 

What connects all of those experiences is a focus on how technology actually moves the needle for a business in terms of operational and financial outcomes. That’s why the Business Information Security Officer conversation resonates with me. The idea that security has to be integrated into business outcomes rather than sitting adjacent to them is something I’ve seen play out across every role I’ve held.

Security: What is a Business Information Security Officer?

Bonavita: The BISO is a security leader who is directly accountable for the business outcomes that security risks can affect, like revenue, profitability, and competitive position. This is different from the CISO, who is accountable for security posture; things like protecting infrastructure, networks, and systems. 

I recently became aware that a number of Fortune 500 companies have begun using this title, and when I looked at what was driving it, it made complete sense. Security operations have always ultimately been about protecting the organization’s ability to make money, keep money, and transact business. Some organizations are just now formalizing that reality.

Security: Why is the Business Information Security Officer role emerging?

Bonavita: The short answer is cyber insurance. In the early days of the cyber insurance market, insurers wrote policies without really understanding what they were taking on. Cyber was a new risk category, so there was no historical loss data to model against. Basically, they were pricing in the dark. 

Then ransomware exploded, and the losses burned the insurers. So, the insurers came up with much stricter underwriting standards and started auditing companies. They would deny coverage to companies that didn’t meet their new requirements. That got the attention of CFOs and boards.

Security leaders had to start thinking in financial terms. They had to understand things like coverage gaps and underwriting risk scores. What exactly would a misconfigured endpoint actually cost the business? Once you’re thinking that way, the traditional CISO role isn’t enough. 

And now, AI is accelerating security risks to the business faster than ever. So, companies need a designated security role with a mandate that’s explicitly tied to business outcomes.

Security: What are the organizational benefits of appointing a Business Information Security Officer?

Bonavita: The most immediate benefit is alignment. Security stops being something that happens in a silo and starts being integrated into how the business actually operates. The BISO works alongside finance, legal, and operations, and that changes the conversation at every level of the organization.

The second benefit is prioritization. One of the hardest problems in security is deciding what to protect. The instinct is to protect everything equally, but that’s not feasible. It’s too expensive and the resources don’t exist. A BISO who is tied to business outcomes is better positioned to make those calls, because they understand what data and systems actually matter to the business and what a compromise would cost in real terms.

The third is AI governance. Many organizations are deploying AI tools faster than they can govern them. The BISO’s job is to navigate the tension between AI adoption and the protection of the company’s intellectual property and proprietary processes. 

Security: Anything else you’d like to add?

Bonavita: One thing I’d emphasize is that a BISO can only be effective if they have visibility into your data flows across your network infrastructure. You can't protect what you can’t see, and you can’t prioritize what you don’t understand.

Many security tools operate several steps removed from where data actually lives and moves. By the time a threat is detected, the data has already traveled through multiple layers of infrastructure. The organizations getting this right are those working with partners who have visibility at the network level. That's where you can actually determine what’s valuable and what isn’t, what’s normal and what’s a threat, and ultimately what the business needs to protect to stay competitive.

KEYWORDS: 5 minutes with business intelligence business resilience business resilience planning business strategy information sharing

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Jordynalger

Jordyn Alger is the managing editor for Security magazine. Alger writes for topics such as physical security and cyber security and publishes online news stories about leaders in the security industry. She is also responsible for multimedia content and social media posts. Alger graduated in 2021 with a BA in English – Specialization in Writing from the University of Michigan. Image courtesy of Alger

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Cybersecurity
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Career Intelligence
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • security leadership

    The state of the chief information security officer role

    See More
  • The Uncharted Path for New Security Leaders

    Considering the value of leveraging a virtual chief information security officer (vCISO)

    See More
  • security-executive-freepik1170x658v7.jpg

    Matt Mullenix named Bowman's EVP, Chief Information Officer, Chief Information Security Officer

    See More

Related Products

See More Products
  • Security of Information and Communication Networks

  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing