SC 74: Management Hierarchy and CISO Reporting Roles – Part 2 with CISO Brian Lozada
What is the optimal structure within an enterprise in terms of CISO reporting? Should a CISO report to the CIO? Or possibly to the CFO?
In some cases, as you'll hear in part two of Vic Wheatman's interview with CISO Brian Lozada, CISO can stand for Chief Information Scapegoat Officer. Avoiding blame for security incidents requires relationships to ensure that both business and technical concerns are properly addressed.