What is a CISO (Chief Information Security Officer)?

The chief information security officer (CISO) is a senior executive responsible for an organization’s information and data security. In this evolving role, CISOs develop and run enterprise-wide processes aimed at reducing IT and business risk, as well as assuring regulatory compliance. The position was historically tasked with a predominately technical mission, but more recently, savvy companies are relying on the CISO for strategic insights about how to best enable digital transformation initiatives.

Industry expert Larry Ponemon notes that today’s top CISOs pair their technical expertise with business backgrounds, such as an MBA, and strong soft skills, which help communicate with other organizational leaders.

Most CISOs have Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and Certified Ethical Hacker (CEH) certifications.