What is a Chief Security Officer (CSO)? Understanding this critical role

The Chief Security Officer (CSO) is the executive responsible for the organization's entire security posture, both physical and cyber, and has the big picture view of the company's operational risk.

1 2 Page 2
Page 2 of 2

Relativity's Fennell agrees: "The CSO role is a bit more inclusive, by definition, including the physical, network, and product security of a company, whereas a CISO traditionally focuses on roles specific to safeguarding valuable information to the company," she says. But she also acknowledges that those lines are often blurred. "In practice, these titles are often used interchangeably," she says, and which one a company uses "speaks more to the focus of that organization rather than a clearly defined set of role responsibilities."

"As threats have evolved, so too have security roles," says Domo's Browne. "It is now more typical for physical security to be managed by facilities and perhaps have the title of Director of Corporate Security, with the CISO/CSO titles designated for the individual responsible for cybersecurity. This evolution makes sense, as the skillsets to manage physical security and cybersecurity are largely different. Most CISO/CSOs in the industry have not felt comfortable managing physical security, or believe they can provide most benefit to the company by focusing solely on cybersecurity."

1 2 Page 2
Page 2 of 2
NEW! Download the Winter 2018 issue of Security Smart