Since Steve Katz became the first CISO back in 1996, both business leaders and the security industry in general have been thinking and rethinking the need for such a person and the responsibilities that he or she should have.
In this podcast recorded at Black Hat USA 2014, Rick Howard, CSO at Palo Alto Networks, talks about the role of the CSO and how it’s fundamentally changing.
The CISO role has emerged in the last five years as the de facto role to manage cyber security. If there isn’t somebody in the organization with the title of CISO, there is somebody in charge of IT security.
Business leaders run out as fast as they can to hire a CSO/CISO as soon as they get hit by a significant breach: RSA, Sony and Target all followed this pattern. Obviously, this is a little backwards. But these kinds of events are causing business leaders to rethink how important security is to their business.