A recent study reveals significant shifts in how Chief Information Security Officers (CISOs) approach risk management. The research, which surveyed over 1,000 CISOs globally, highlights that an increasing number of CISOs are adopting a more progressive stance towards cyber risk, contrasting sharply with the more conservative outlooks of their CEOs. This divergence is causing notable tensions within the executive suite, underscoring the need for better alignment and communication between security leaders and other C-suite members.
The study finds that while over half of CISOs have reported an increased appetite for cyber risk, they often find themselves in a delicate balance, navigating between security imperatives and business objectives. Despite the growing willingness among CISOs to take on more risk to drive innovation, 92% report that differing attitudes towards risk among their peers are a source of friction.
Why it matters: The evolving role of CISOs is crucial as organizations increasingly depend on digital strategies to drive growth. CISOs acting as enablers of innovation, rather than mere protectors, can significantly enhance a company’s agility and competitive edge. Bridging the gap between CISOs and other C-suite members is essential for fostering a collaborative environment that effectively balances security and business needs.
- Increased Risk Appetite: Over half of CISOs (57%) have reported a greater appetite for risk in the past five years, driven by firsthand experiences with cybersecurity incidents and better access to data and analytics.
- C-Suite Tensions: A significant majority (92%) of CISOs experience tension with their CEOs and other C-suite members due to differing risk attitudes, with 32% perceiving their CEOs as having a low-risk appetite.
- Strategic Role Shift: Two-thirds (65%) of CISOs now view their role as enhancing business resilience rather than merely managing cyber risk. However, a substantial 23% believe that other C-suite members fail to recognize the CISO’s role in fostering innovation.
- Proactive Leadership: The study shows a growing trend among CISOs towards proactive and progressive approaches, with 59% seeing themselves as business enablers and 66% wishing they could support business initiatives more frequently.
- Balancing Act: Many CISOs (66%) describe their role as a tightrope walk between business demands and security needs, highlighting the ongoing struggle to align security strategies with business goals.
Go Deeper:
- Survey Sees Modern CISOs Becoming More Comfortable With Risk – Security Boulevard
- CISOs Growing More Comfortable With Risk, But Better C-Suite Alignment Needed – Netskope Research