Aligning security strategy with ESG objectives: The next big issue for CISOs

As interest in environmental, social, and governance issues increases among investors, business partners, consumers, and employees, CISOs will need to shape their security and risk strategies to align with the organization’s ESG objectives. It’s another step in the progression of the CISO role.


Matthew Miller, a principal in Cyber Services at KPMG, had a first-of-its-kind request from a client CISO this past year:

The CISO wanted advice on responding to a board member’s question about his views on ESG and whether he was focused on it.

It was a first for the CISO as well, Miller says.

Miller says he soon realized that this CISO was one of a small, but growing, number of security leaders becoming involved in their organization’s ESG work.

“It’s early, but that conversation has started to evolve and it’s not going away,” Miller says.
