Forward-looking CISOs are pursuing a new role, building stronger cross-functional relationships to support innovation and transformation.
How do chief information security officers (CISOs) win the confidence of their boards, secure the resources they need to protect their enterprises, and move into a more strategic position in the business? New EY research reveals that the next generation of CISOs is determined to play a pivotal role in driving value and enabling change. To get there, these CISOs are pursuing a new type of relationship with their colleagues.
CISOs know all too well that in the face of the mounting cybersecurity threat, their fundamental responsibility is the safety and security of their organizations. And this year’s EY Global Information Security Survey (GISS) of almost 1,300 organizations worldwide, finds that attacks are becoming more frequent: 59% of organizations say they have been targeted more often over the past 12 months than in the previous year.
However, the GISS also reveals that next-generation CISOs believe their role now needs to expand. They expect to be much more business-aligned, focused on building relationships outside of IT, and engaged with the organization’s commercial imperatives – including digital transformation.
The innovative CISO
Next generation CISOs – who are currently in the minority – are already carving out that kind of role for themselves. For example, they are engaging with their boards more regularly, with 29% of organizations surveyed, confirming that cybersecurity is a board agenda item every quarter. And they are reaching out across the business to forge new alliances with functions with which the CISO traditionally has little contact. Many security teams have built trusting relationships with functions such as IT and risk, who are their closest colleagues in the organization, but the GISS shows that some are going further: 26% of respondents describe their relationship with marketing as being of mutual or high trust, involving good levels of consultation, and 36% say the same of the research and development team.