CIO & CSO Relationship Moves to Forefront as Businesses Escalate Security Focus
CIO/CSO Partnership Survey highlights collaboration between CIOs and CSOs on security strategy discussions, technology purchases and advising the business
Framingham, Mass. – February 8, 2016 – IDG Enterprise – the leading enterprise technology media company, composed of CIO, Computerworld, CSO, InfoWorld, ITworld and Network World – reveals the growing strategic partnership among today’s top tech and security executives in the 2015 CIO/CSO Partnership Survey. As organizations defend against a growing number of security breaches and dedicate resources to comply with industry regulations, security continues to rise as a priority. CIOs and CSOs are joining forces and collaborating often to mitigate risk and to ensure the business can continue to advance during this time of digitization. (Click to Tweet)
Enterprise Oversight Leads to High Demand for Security Experts
The majority of CIOs (77%) strongly believe that having a CSO elevates the perception or focus on security for an organization; however, this does not always translate into organizations having a senior security leader. Only 50% of CIOs stated that their organization employs a CSO. Even though there is a disconnect, security conversations are still taking place. Sixty-five percent of CIOs said they meet with their CSO/CISO at least weekly, and 78% of CSOs/CISOs agreed. These conversations are in addition to formal strategy sessions to discuss security concerns and technology initiatives that CIOs (52%) and CSOs (65%) said occur at least monthly. The main issues discussed during these meetings include audit issues and findings, mitigating existing and emerging risks, compliance issues, and building security into new technology solutions.
“As businesses realize the benefits technologies can deliver, they are also coming to terms with the risks associated with those technologies. The CIO and CSO relationship is at the epicenter for helping organizations meet their full potential while mitigating risk,” said Bob Bragdon, publisher of CSO. “Strategic conversations between CIOs and CSOs are imperative to building a united security program that can be integrated into ongoing and new projects throughout the organization.”
Security Risks in the Board Room and Beyond
Despite an increasingly collaborative relationship, the differing roles and priorities of CIOs and CSOs create room for security concern. Half (51%) of CSOs are not confident in IT’s focus on security within technology decisions – 27% believe IT will misconfigure existing technologies and 24% believe that IT will adopt new technologies that may expose the business to undue risks. On the flip side, CIOs shared that they believe CSOs would say the greatest problem with IT security is that security decisions are being made after business decisions. However, for CIOs this is not the reality. CIOs say they discuss security concerns throughout the purchase process of new solutions, with a focus on security at the beginning when they are determining technical requirements (81%) and evaluating products and services (80%).
CIOs and CSOs agree on the biggest security concerns when it comes to actions taken by their line of business (LOB) colleagues. Both worry that LOB will implement new technologies or services that will expose the business to undue risks, and that there are users who are uneducated in, or ignore, good security practices. One difference is that CSOs have more fear (24% vs. 15% CIOs) that LOB will conduct business with other entities that have poor security. On a preventative note, both top security and tech executives say they meet with line of business executives to discuss key issues such as audit issues and findings, mitigating existing and emerging risks, compliance issues, and third-party risks.
“Security impacts almost every aspect of a business, and its importance within technology continues to rise. Having business leaders like the CIO and CSO work together to protect potential vulnerabilities and educate LOB colleagues is crucial,” said Adam Dennison, SVP/Publisher of CIO. “The fact that security considerations are ingrained in the technology purchase process from the beginning is a strong step toward ensuring organizational assets and reputation are protected against potential incidents.”
Interested in learning more from this survey?
Get more in-depth findings with the CIO/CSO Partnership White Paper “Behind the Scenes of the CIO & CSO Relationship: Productive Partnership or Competitive Alliance.”
About the CIO/CSO Partnership Survey
The CIO/CSO Partnership study uses quantitative research to examine the relationship between the CIO and CSO roles and gain insight into their competing and common interests, as well as involvement in emerging technologies and collaboration. Both the CIO and CSO versions of the survey were conducted online. The CIO survey results are based off of 178 responses, and the CSO survey results are based off of 101 responses.
About IDG Enterprise
IDG Enterprise, an International Data Group (IDG) company, brings together the leading editorial brands (CIO, Computerworld, CSO, InfoWorld, ITworld and Network World) to serve the information needs of our technology and security-focused audiences. As the premier high-tech B2B media, data and services company, we leverage the strengths of our premium owned and operated brands, while simultaneously harnessing their collective reach and audience affinity. We provide market leadership and converged marketing solutions for our customers to engage IT and security decision-makers across our portfolio of award-winning websites, events, products and services.
Company information is available at www.idgenterprise.com
Follow IDG Enterprise on Twitter: @IDGEnterprise
Join IDG Enterprise on LinkedIn
Like IDG Enterprise on Facebook: www.facebook.com/IDG.Enterprise
Marketing & Research Specialist