Digitization on Boards 6th Edition

Many organizations have pursued large-scale digital transformation in the past years and are now under even more pressure to make consequential business decisions - not only at a faster pace, but also with much more attention to the organization’s information, cyber, and technology security.

While the Chief Information Officer (CIO) oversees all the IT and Digital systems required to support the organization's objectives and goals, the Chief Information Security Officer (CISO) is responsible for developing, implementing and enforcing security policies to protect critical data. The tension between the priorities of enabling business objectives through technology and maintaining a robust security posture can be especially challenging when it comes to CISOs reporting to CIOs.

JM Search and Amrop’s Digital Practice team have collaborated on this study based on a series of interviews with CIOs and CISOs in Europe and the US, about their approach to managing their often competing priorities and relationships.

Digitization On Boards 6

CIO & CISO: Managing tensions and working together

We asked the interviewees about the pros and cons they see in the CISO reporting to the CIO vs. working as peers, ways of effectively addressing the tension, and the governance standards which need to be in place to make sure that a cybersecurity framework aligns with organizational goals and industry security requirements.

We analyzed and compared their insights in four areas: 1) root causes and main areas of tension between CIOs and CISOs; 2) reporting structure preferences (pros and cons of the CISO reporting to the CIO vs. working as peers); 3) best practices for managing the CIO/CISO relationship and 4) best practices for CIOs and CISOs to collectively communicate a unified message about the security program and cyber risks to Boards and ELTs. 

We are excited to offer you the results of the study below!

About Amrop’s Digital Practice

Amrop’s global Digital Practice combines deep sector knowledge with local market expertise, backed by global resources and integrated cross-border key account management. We have built long-term partnerships with our clients throughout their digital transformation journey. Not only delivering critical assets - the Leaders For What’s Next - but in digital competency assessment for Boards and management teams, implementing succession planning and talent management solutions. 

We have experience in key sectors and functions: 

  • Cloud, Software, SaaS, Apps, e-Commerce
  • AI/Machine Learning & Data Analytics 
  • CIO, CDO, CISO and Digital NEDs 
  • Scale-up, Venture Capital, Private Equity 
  • Fintech, Telecom, Media & Entertainment

Email us or contact our Digital Practice member in your country.

Digital Recruiting at JM Search

JM Search has built a highly experienced and deeply connected team of IT and information security recruiting experts dedicated to matching exceptional technology and data leaders with high-growth and transformative businesses across private equity-backed, private, and public companies.

Likewise, our specialized recruiting team includes former cybersecurity CEOs and other deeply experienced technology search consultants who know first-hand the critical importance of getting it right when hiring executives to lead security and risk functions and are dedicated to supporting the ever-evolving needs of our clients. Since 1980, we’ve expected nothing less and neither should you.

Looking for advice? 

Reach out to our IT, Cybersecurity & Risk Executive Recruiters at JM Search!


Download the full report in PDF version by clicking the link.

Full Report