Not employing a chief information security officer (CISO) may sound foolhardy, but it is not uncommon. Only 49 percent of companies currently employ a CSO or CISO, according to Cybrary’s 2016 Cyber Security Job Trends Report.
Why is this? The reasons are myriad, from the lackadaisical “it won’t happen to me” business attitude to information security to confusion around the CISO’s purpose, budget constraints and trouble identifying the right candidate.
Unclear KPIs and CIOs carrying out CISO job functions muddy the waters too. However, it’s increasingly clear a CISO is required to prioritize information security and be a strategic enabler for the business.
Read more here:: IT news – Security