If you and your program are not viewed as adding value and assisting the business in executing its strategy, then you are relegated to a draw on overhead or worse yet a necessary evil. If you are viewed as the latter, it might be time to brush up your resume, as your days may be numbered.
Security organizations both in the private and public sectors have made considerable progress in gaining stature. More and more senior security executives truly have a seat at the table today as a respected member of the C-suite. Many security executives regularly interface with the Board of Directors and maintain excellent relationships with board members. Security organizations still have a lot of room for improvement.
Since the onset of the 24-hour news cycle and the constant barrage of social media blogs, the way things are characterized seems to have evolved into creating the most sensationalized sound bite.
There have been volumes written about the role of the CSO and how to gain a seat at the table in the C-suite. A relatively small number of CSOs have been able to convince their management that the CISO should be under their purview, citing the inherent mission conflicts that exist when the CISO reports to the CIO.