Redefining the CISO role: Why the top security job is gaining C-suite and boardroom status

Breach concerns, data privacy regulations, and a move to separate security from IT are elevating the importance of the security role.

CSO Digital Magazine  >  Summer 2020 [cover]
IDG / Brian Stauffer

Editor's note: This article originally appeard in the Summer 2020 digital issue of CSO.

Timothy Youngblood's responsibilities as CISO at McDonald's Corp. are broad, influential and a lot different from what most executives like him had a few years ago.

As the fast-food giant's chief security executive, Youngblood's role is as much about protecting the McDonald's brand globally as it is about facilitating and supporting business initiatives and goals. He reports to senior leadership, he has board-level visibility and accountability, and a voice in key business decisions at his company.

Quote  >  Timothy Youngblood, CISO, McDonald’s Corp. CSO / IDG

"Ten to 15 years ago, the CISO role was more of a unicorn role," Youngblood says. "Few companies had CISOs or even knew what a CISO was."

If security leadership existed, it typically reported into a vice president of infrastructure or similar role and was constricted to operational activity around things like access control, Youngblood says. These days CISOs are not only asked to report to boards, but also be on them. "Because of the headlines of the day most boards want to speak with security leadership before they talk with CIOs."

To continue reading this article register now

Make your voice heard. Share your experience in CSO's Security Priorities Study.