Where do CISOs sit in today’s organisations?

In today’s more treacherous cyber security environment, organisations with the biggest targets on their heads can’t afford not to employ a dedicated data security expert, such as chief information security officer (CISO) or similar title, not only to keep the organisation safe from malicious actors – and complacent staff, but also to ensure adherence to the latest laws, regulations and compliance requirements around the handling of data. Yet even those that do aren’t necessarily achieving the protections they should because of entrenched cultural issues, especially in terms of how boards think about and manage risk. Many executives remain focussed on financial risk and don’t fully appreciate the cyber variety until a major incident slaps everyone in the face, and then suddenly spending on cyber has a more obvious ROI. Boards also tend to think that cyber should be part of a CIO’s job. This is especially the case in smaller organisations that wouldn’t normally budget for a CSIO as well. But even when they do, how clear is it who’s responsible for what and reporting to whom? Should CISOs operate as independent threat detectors or operate within IT? Join our host, CIO associate editor David Binning as he speaks with Anna Leibel, former CIO with UniSuper and author of the recently published book ‘The Secure Board’, and Simon Piff, vice president trust and security research at IDC APAC.

You can listen to Where do CISOs sit in today’s organisations? online on Radio and Podcast. Open the player on this page to stream the available audio.

Where do CISOs sit in today’s organisations? is an episode from The CIO Australia Show by FoundryCo.

This episode is 42:28 long.

This episode was published on Aug 30, 2021.

Yes. Use the heart button on the episode page to add it to your favorite episodes list.

Yes. This page shows related episodes from The CIO Australia Show when more episodes are available from the podcast feed.