Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

Why Untangling the CISO from IT Can Improve Governance and Security Outcomes

By Jake Frazier
April 01, 2021

Roles and responsibilities aren't always clearly defined at the executive level. There's often overlap across certain key initiatives and teams, which can lead to blurred lines or confusion among stakeholders. This is particularly common across CIO and CISO roles.

Traditionally at most organizations, the CISO position was created and nested under the IT department's umbrella, with the CISO reporting to the CIO. This started to shift in recent years, as the responsibilities of the CISO expanded in parallel with the increasing complexity of security risks and the cyber threat landscape. Information security professionals are now squarely accountable for protecting their organizations from costly data breaches — estimated to cost an average of $8.19 million per incident — and managing security staffing and resources that represent a $173 billion market.

Still, despite the fact that the CISO's duties are growing in scope and importance, and data protection has become a board-level concern, many security leaders still do not have a direct line to the CEO. One study from CIO and CSO magazines found that 60% of CISOs do not report to the CEO directly, and a Ponemon report found that 40% of CISOs do not have a direct seat at the leadership table, even in the event of a security incident.

This premium content is locked for Entertainment Law & Finance subscribers only

  • Stay current on the latest information, rulings, regulations, and trends
  • Includes practical, must-have information on copyrights, royalties, AI, and more
  • Tap into expert guidance from top entertainment lawyers and experts

For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473

Read These Next
Top 5 Strategies for Managing the End-of-Year Collections Frenzy Image

End of year collections are crucial for law firms because they allow them to maximize their revenue for the year, impacting profitability, partner distributions and bonus calculations by ensuring outstanding invoices are paid before the year closes, which is especially important for meeting financial targets and managing cash flow throughout the firm.

The Self-Service Buyer Is On the Rise Image

Law firms and companies in the professional services space must recognize that clients are conducting extensive online research before making contact. Prospective buyers are no longer waiting for meetings with partners or business development professionals to understand the firm's offerings. Instead, they are seeking out information on their own, and they want to do it quickly and efficiently.

Should Large Law Firms Penalize RTO Rebels or Explore Alternatives? Image

Through a balanced approach that combines incentives with accountability, firms can navigate the complexities of returning to the office while maintaining productivity and morale.

Sink or Swim: The Evolving State of Law Firm Administrative Support Image

The paradigm of legal administrative support within law firms has undergone a remarkable transformation over the last decade. But this begs the question: are the changes to administrative support successful, and do law firms feel they are sufficiently prepared to meet future business needs?

Tax Treatment of Judgments and Settlements Image

Counsel should include in its analysis of a case the taxability of the anticipated and sought after damages as the tax effect could be substantial.