An increasing number of experts are urging companies to stop having the CSOs and CISOs report to the CIO in order to reduce conflict of interest, risk, even downtime and financial losses, but there hasn't yet been much evidence of progress.
In most organizations, the CIO and the CSO have very different objectives. And, in fact, those objectives may be directly opposed to one another.
"When the security team reports into the CTO or the CIO, the security team has traditionally been known as the 'no' team, and the job of the CIO or CTO is to build products, to build technology," said Aleksandr Yampolskiy, co-founder and CEO at SecurityScorecard.
To continue reading this article register now