WaterRide Posted September 19, 2016 Share Posted September 19, 2016 I love meeting other InfoSec professionals at other companies as it opens my eyes to what their risk priorities are and how they educate their staff good security behaviour, for example. Recently I hmet mates in one company where they do not have a CISO per say, rather a senior manager who they report to - do you think an explicit CISO role is needed? I would say "yes" as this person is an expert and has their team's interest at heart and take ideas and concerns to the Senior Managers. Also, one company had a CISO who is contracted from an external consultancy firm - should a CISO be a permanent employee? As much a CISO should bring knowledge, does having a contracted CISO bring potential conflicts of interest (especially if they are from a consultancy firm)? Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.