CISO Still Viewed As Tech Not Business Leader

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

100%

Joe Stanganelli,
User Rank: Ninja
2/29/2016 | 7:22:06 PM

CISO answers to...

Of course, the other issue with the CISO answering to the CIO is that the CIO's office and the CISO's office have an inherent conflict of interest -- as I discussed in an InformationWeek piece here: informationweek.com/strategic-cio/cyber-security-and-the-cio-changing-the-conversation/a/d-id/1320660

I recently interviewed for a CISO role that, interestingly enough, answered to the CFO. The organization views the CISO role as a financial one -- pertaining to investment and risk management.

Perhaps this is how the role should be structured for most organizations.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 10/27/2020

Employees Aware of Emailed Threats Open Suspicious Messages

Dark Reading Staff 10/27/2020

Chinese Attackers' Favorite Flaws Prove Global Threats, Research Shows

Kelly Sheridan, Staff Editor, Dark Reading, 10/27/2020

Live Events

Webinars

Get Your Pass | Interop Digital December 3rd FREE Event

Interop Digital December 3rd FREE Event on Cloud & Networking

More Informa Tech Live Events

White Papers

DevOps for the Database

2020 Microsoft Advanced Threat Protection Report

The Future of Multi-Cloud Networking 2020

Stop the Cyberattack Cycle with Privileged Access Management

Special Report: Edge Computing: An IT Platform for the New Enterprise

More White Papers

Cartoon

Latest Comment: Honey, where did we hide the secret key to recover the MFA codes?

Cartoon Archive

Current Issue

Special Report: Computing's New Normal

This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How IT Security Organizations are Attacking the Cybersecurity Problem

The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.

Download Now!

Special Report: Understanding Your Cyber Attackers

0 comments

2020 State of Cybersecurity Operations and Incident Response

0 comments

The Changing Face of Threat Intelligence

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-27986
PUBLISHED: 2020-10-28

** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position is "it is the administrator's responsibility to configure it."

CVE-2020-27981
PUBLISHED: 2020-10-28

An XSS vulnerability in the auto-complete function of the description field (for new or edited transactions) in Firefly III before 5.4.5 allows the user to execute JavaScript via suggested transaction titles. NOTE: this is exploitable only in a non-default configuration where Content Security Policy...

CVE-2020-24707
PUBLISHED: 2020-10-28

Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content.

CVE-2020-24708
PUBLISHED: 2020-10-28

Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the Host field on the send profile form.

CVE-2020-24709
PUBLISHED: 2020-10-28

Cross Site Scripting (XSS) vulnerability in Gophish through 0.10.1 via a crafted landing page or email template.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]