Who should have the ultimate responsibility for cyber security - the CIO or the CISO?

Strategy & ArchitectureTeam & Organizational Design
25.3k viewscircle icon3 Upvotescircle icon19 Comments
Sort by:
IT & Strategy Advisor || Digital & Enterprise Architecture Consultant in Consumer Goodsa year ago

The ultimate responsibility of cyber security risk management lies with CISO. While cybersecurity is mostly related to attacks on IT assets, it beyond IT to OT as well. CISOs in many organisations also are responsible for managing potential cyber threats due to vulnerabilities that points in critical infra structure of Operational Technology (OT) that controls it.

Ideally CIO and CISO roles are generally peers in matured organisations for CISOs function to be more effectively. Typically, CIO reports into CFO or CEO depending upon organisation structure. CISO reports into CRO (Chief Risk Officer) or directly into CEO. 

VP of IT in Media3 years ago

CIO of course…

CIO in Education3 years ago

CIO

CEO in Services (non-Government)3 years ago

CISO

Group Chief Information Officer in Construction6 years ago

Every single employee, all executives and board members

Lightbulb on2

Content you might like

AI and Research in Marketing and Communications: How Are You Ensuring Quality and Truth Over Speed? As AI becomes embedded in our day-to-day marketing operations, from customer insight to content strategy, it’s clear we’re gaining speed and scale. But are we sacrificing veracity and quality of output in the process? One of the biggest challenges I'm seeing is the rise of hallucinated content in AI-generated research.   - How do we ensure AI systems are surfacing trustworthy, contextually accurate, and well-sourced information? - Are we building enough verification layers into our AI-driven content and research workflows? - And how are you educating teams (and execs) to challenge AI outputs, rather than accept them at face value? - What frameworks, tools, or governance models have you adopted to maintain integrity and depth in AI-led research and insight creation? - Have you had success (or struggles) balancing speed vs. substance in AI-powered strategies? Your thoughts, examples, and recommendations would be incredibly valuable in helping others try to navigate this shift responsibly.

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented 

Read More Comments

Are you planning to implement an Internal Developer Platform or Portal in your organization in the next 12 months?

Yes!15%

Maybe, we are evaluating it54%

No, but may be in the next 24/36 mo21%

No, I don’t need it6%

No, I’ve already it1%

I don’t know what is it

View Results

Have you rethought how you lead a remote/hybrid team at all this year? Any advice or wisdom you can share?

What are the key trends that will headline digital retail and e-commerce in 2024?

In-store experience as a leverage for small players14%

GenAI will drive hyper-personalisation46%

TikTok shop will lift up livestream commerce23%

Immersive digital experiences- AR & VR41%

Advanced payment methods in FinTech27%

Sustainability & re-commerce35%

Data, privacy & AI regulation will slow down innovation23%

Increased spend in platforms & tech16%

AI-led supply chain optimisation17%

View Results