Chief Information Security Officers (CISOs) Gain Power and Responsibility

After years of learning the ethos of business leadership and risk management, CISOs have secured their place at the boardroom table and the authority to make decisions. However, many argue that their jobs are more challenging than ever, and this is not how it was supposed to happen.

CISOs’ Increased Involvement in Boardroom Decision-Making

A recent survey from Splunk revealed that 82% of CISOs who responded reported directly to the CEO, up from 47% in 2023. Furthermore, 83% of CISOs participate regularly in board meetings. In response, CISOs have had to upskill in areas such as:

• Honing communications skills: to effectively communicate with the board and other stakeholders
• Understanding business needs: to make security a business-enabler and drive digital resilience

The Importance of Cybersecurity Expertise on the Board

While some CISOs, like Sica, have a supportive board with a security-conscious leader, this is not the case for many. The survey showed that only 29% of CISOs have a board with at least one cyber expert. This highlights the need for CISOs to continue pushing for cybersecurity to be a central part of the C-suite conversation and for boards to recognize the importance of adding more cybersecurity experts to their ranks.

The Future of Cybersecurity and the C-Suite

According to Michael Fanning, CISO of Splunk, progress requires CISOs and boards to work together to drive digital resilience. This involves educating boards on the details of cybersecurity and for CISOs to understand the language and needs of the business. By bringing these groups together, CISOs and boards can close gaps, gain greater alignment, and better understand each other to drive business success.