World Library  
Flag as Inappropriate
Email this Article

Chief information security officer

Article Id: WHEBN0004591961
Reproduction Date:

Title: Chief information security officer  
Author: World Heritage Encyclopedia
Language: English
Subject: Chief executive officer, IT risk management, Computer Security Institute, Security level management, Information security management
Collection: Corporate Executives, Management Occupations
Publisher: World Heritage Encyclopedia
Publication
Date:
 

Chief information security officer

A Chief Information Security Officer (CISO) is the senior-level executive within an information technology (IT) risks. They respond to incidents, establish appropriate standards and controls, manage security technologies, and direct the establishment and implementation of policies and procedures. The CISO is also usually responsible for information-related compliance.

Typically, the CISO's influence reaches the whole organization. Responsibilities include:

Having a CISO or the equivalent function in the organization has become a standard in business, government and non-profit sectors. Throughout the world, a growing number of organizations have a CISO. By 2009, approximately 85% of large organizations had a security executive, up from 56% in 2008, and 43% in 2006. In 2011, in a survey by PricewaterhouseCoopers for their Annual Information Security Survey,[1] 80% of businesses had a CISO or equivalent. About one-third of these security chiefs report to a Chief Information Officer (CIO), 35% to Chief Executive Officer (CEO), and 28% to the board of directors.

In corporations, the trend is for CISOs to have a strong balance of business acumen and technology knowledge. CISOs are often in high demand and compensation is comparable to other C-level positions.

See also

References

  1. ^ "Annual Information Security Survey". PricewaterhouseCoopers. Retrieved 27 May 2012. 

External links

  • Guidance for Chief Information Security Officers
  • PWC Annual Information Security Survey
  • Cert - Organizational Security [1]
  • NIST - Governance [2]
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and USA.gov, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for USA.gov and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
 
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
 
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.
 


Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.