CISOs growing more comfortable with risk, but better C-suite alignment needed, says new global research.

Other findings that expanded on the changing role of the CISO include:

  • Over half of the CISOs who participated in the research (57%) said their appetite for risk has increased in the last five years. This may be despite the increasing volume and sophistication of cyberthreats, or because of it: 74% state that a first-hand experience of a cyber security incident was important in impacting their risk comfort levels.
  • Better access to data and analytics (76%) was the top reason given for their shift in risk appetite.
  • Two thirds of CISOs (65%) now describe their responsibility in terms of improving business resilience, rather than managing cyber risk.
  • However, 23% of participating CISOs strongly agree that other members of the C-suite currently fail to see that the CISO role makes innovation possible.

Rise of the progressive CISO

Two thirds (65%) of CISOs surveyed believe the CISO role is changing rapidly, and they report becoming more proactive and progressive, a trend driven by the adoption of modern technology that creates new possibilities for driving innovation and business impact:

  • Just 36% of CISOs see themselves playing a “protector” role primarily focused on defending the organization.
  • In contrast, 59% of CISOs now consider themselves to be business enablers, with 67% stating that they want to play an even more active role going forward.
  • 66% wish they could say “yes” to the business more often.