Dive Brief:
- CISOs worldwide have gained more authority and influence in corporate governance structures across the globe, according to a report from Splunk.
- More than eight of every 10 CISOs now report directly to company CEOs, compared with less than half just two years ago. In addition, about eight in every 10 CISOs participate in board meetings somewhat often or most of the time, the study found.
- The report, produced in conjunction with Oxford Economics, is based on a study of 600 respondents from 10 countries in the U.S., Europe and Asia-Pacific. The respondents consist of about 500 CISOs, CSOs or equivalent security leaders and 100 board members.
Dive Insight:
The report examines the dynamic of how the CISO role has evolved in corporate leadership teams across the globe. The growing threat of cyber breaches and malicious attacks on corporate operations and financial performance has led to CISOs gaining greater influence over cyber-risk management decisions.
“CISOs are responsible for managing risk and ensuring that the organization’s security posture is aligned with its business objectives,” Splunk CISO Michael Fanning, said via email.
Corporate boards and C-suite leaders are often better prepared to deal with the impact of cyberattacks when they are informed and better aligned with CISOs about corporate cyber risk, according to the report.
In previous years CISOs have had to work through multiple layers of management to get access to the CEO, and rarely interacted with board members.
Before leaving her post earlier this month, Cybersecurity and Infrastructure Security Agency Director Jen Easterly urged corporate leaders to embrace cyber risk as a core business issue. Easterly had repeatedly asked corporate leaders to prioritize cyber risk during her tenure in the Biden administration.
