Why you need a CSO/CISO

When it comes to security, you're better off employing a specialist. However, according to recent research, less than half of companies employ a CSO/CISO.

Do you need a CSO or a CISO?

Your CIO has enough on her/his plate without taking on responsibility for security, too. While there's plenty a CIO (or a CTO) can tackle when it comes to security, these roles are "generalists." What you really need is a chief security officer or a chief information security officer (CSO/CISO) -- a security specialist.

The Cyber Security Job Trends survey from free online security MOOC provider Cybrary, which polled 435 senior-level technology professionals from October to December 2015, found that only about half or 49 percent of respondents say their companies employ a CSO/CISO who's solely responsible for security.

"Even though we found that cybersecurity professionals, at all levels, are fully aware, and experiencing first-hand that the available talent is not keeping pace with demand needs, I was surprised by the alarmingly low number of companies that employ a CSO/CISO who is responsible for security," says Trevor Halstead, product specialist, talent services, Cybrary.

To continue reading this article register now

Microsoft's very bad year for security: A timeline