If you ask a CISO this question, you’re likely to get a consistent answer – probably the CEO, COO, or Board of Directors. The reality, however, is quite different. In fact, a CISO’s position on an org chart varies widely. Ultimately, who a CISO reports to says a lot about an organization. If a CISO’s manager takes a holistic view of the organization and fundamentally understands the CISO’s role, namely risk mitigation, the CISO will be optimally positioned. Otherwise, if the CISO role is viewed as a largely technical one, it’s likely the CISO will struggle to be heard and respected.
CISO Street recently moderated a panel in Dallas, TX, and asked CISOs about their perspectives on the CISO role, including challenges and opportunities. In this video, Byron Davis, CISO with Famer Brothers, Aaron Blackstone, CISO for the Texas Department of Public Safety, and David Stender, Chief Security Officer with M&T Bank, share their views on reporting structures and how they impact a CISO’s ability to get their job done.