Nearly half of C-level executivesview the primary role of a chief information security officer (CISO) as being “accountable for any organization data breaches” – in other words, a scapegoat, according to a study by ThreatTrack Security. Seventy-four percent of respondents to the survey said they do not believe CISOs should be part of an organization’s leadership team. Additionally, 61 percent of the C-level respondents do not believe their CISO would succeed in a non-information security leadership position in the organization.
“At a time when enterprise security data has never been more important, the executive team is still keeping the CISO at arm’s length,” the report says.