The state of the chief information security officer role

The growing importance of cybersecurity has led to an expansion in security leadership roles. According to an IANS report, most fortune firm chief information security officers (CISOs) are VP-level or higher.

The report found that 74% of CISOs and global CISOs report to a CIO or CTO. The other 26% report to a business function such as a COO, CFO, chief risk officer or legal counsel.

According to the report, four in 10 CISOs spend five to 10% of their budget on outsourcing and one in five spend 11% to 20%. At the $1 billion revenue milestone, nearly all retail CISOs have hired a head of security operations (SecOps) and most have a head of governance, risk and compliance (GRC) role on their organizational roster.

Another 4% of CISOs indicated they have the SecOps leader role in their staff that is currently vacant with a critical need to fill. Nineteen percent of CISOs report looking for a head of SecOps in the immediate or near future.

For more information, click here.

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Taelor Sutherland is the Associate Editor at Security magazine. Sutherland covers news affecting enterprise security leaders, from industry events to physical & cybersecurity threats and mitigation tactics. She is also responsible for coordinating and publishing web exclusives, multimedia content, social media posts, and a number of eMagazine departments. Sutherland graduated in 2022 with a BA in English Literature from Agnes Scott College.