EXPERT OPINION
The changing nature of the CISO in 2023
Alain Sanchez , EMEA Field CISO
The role of the CISO has evolved and expanded and continues to do so in order to meet the ever-changing needs of organisations today . Alain Sanchez , EMEA Field CISO , and Daniel Kwong , SEAHK Field CISO at Fortinet , discuss why strategy is so important for the CISO to keep in mind when demonstrating business value , particularly as they are expected to adapt their strategies to stay ahead of the curve .
Daniel Kwong , SEAHK Field CISO at Fortinet he role of the Chief
T
Information Security Officer ( CISO ) is shifting more than ever . As cybersecurity remains a boardlevel discussion and cybersecurity risk continues to increase , CISOs have substantial access within an organisation , but also face significant pressure .
The biggest shifts for CISOs in terms of their role in a business in the last three years
In recent years , the role of the CISO has shifted dramatically . With the rise of cyberattacks , CISOs are now expected not only to protect data , but also to be proactive in identifying and preventing potential threats . In addition , CISOs are now often tasked with developing and implementing security strategies for the entire organisation , not just the IT department . With the ever-changing cybersecurity landscape , CISOs must continuously adapt their strategies to stay ahead of the curve .
A decade ago , those who are now referred to as ‘ CISOs ’ were not considered nearly as important as they are today . Quite often , at the time , they got answers such as , ‘ Can ’ t you see I ’ m working ?’ or , ‘ Oh no , not you again !’ Today , the same people get a dedicated seat in that same boardroom and many CEOs ask them important questions , valuing their response . These questions actually call for answers and perhaps the most amazing change is in the tone that is now used : ‘ Can you provide insight into whether or not we can buy this company ?’ or ‘ If you wouldn ’ t mind , can you prepare metrics regarding our cyber posture to present to our stakeholders next week ?’ The newly regarded CISO gets a budget , a team and the right to directly recruit . Sometimes even , the voice of the CISO prevails over other long-standing professionals established on the upper floor . In fact , over the last few years , the teleworking policy , the collaborative database , legal reporting and even the development roadmaps of innovative core applications have been placed under their direct leadership .
The shift in the role of the CISO from an operations focus
In recent years , there has been a shift in the role of the CISO from an operations www . intelligentciso . com
41