This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies By closing this message or continuing to use our site, you agree to our cookie policy. Learn MoreThis website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
While many organizations understand the need for a security executive, organizations that have taken a holistic approach, have added the chief risk officer (CRO) position to evaluate all organizational risk. After speaking with academics, experts and executives in the risk and security field, I have found an increasing interest toward risk identification and mitigation and identified key factors in developing the ideal role and finding the perfect candidate for any enterprise.
The CRO takes a higher-level approach than the chief security officer (CSO), who is tasked with overseeing the physical and/or cybersecurity of an organization. The CRO looks at all aspects of risk and how it may affect an organization. This includes physical security and cybersecurity, but also may include financial, insurance, reputational and other risks.