CISO vs CEO On Data Security


CISO vs CEO on data security. What are their differences on the topic? Are there any similarities between the two of them?

Data security is a growing concern for today’s businesses. As more and more now rely on the power of data, it has become a vital asset.

So, keeping it safe and secure is crucial. Any attacks or loss of data may cause big damage to a company. For some, it cost them their business.

Of course, nobody wants that to happen to them. Right?

That is why companies need to step up their game. Thus, a leader is vital. So, who is it going to be?

Most would say the CISO, of course. But some would say it falls on the CEO at the end of the day.

But both have differing viewpoints about the matter. What are these?

We will talk more about that in this article. Keep on reading to know more.

CISO vs CEO on Data Security

Cyentia Institute’s Cyber Balance Sheet Report on 2017. This report gives us an idea about the different views of CISOs and CEOs on data security.

There, they surveyed 80 corporate board members and IT executives. One part of it was Cyentia asking to rate the value of cybersecurity to their business. Then, they gave five categories.

The results are:

  • Security Guidance. 43% for CISOs, 20% for CEOs.
  • Business Enabler. 40% for CISOs, 25% for CEOs.
  • Loss Avoidance. 40% for CISOs, 50% for CEOs.
  • Data Protection. 29% for CISOs, 91% for CEOs.
  • Brand Protection. 19% for CISOs, 63% for CEOs.

As we can see, there are only less than 30% of CISOs thinking cybersecurity gives value to data protection. And this is surprising.

While most of us would think that is their number one job. But almost all CEOs have that view.

Yet Cyentia has one clear explanation for that. Of course, CISOs know that it is their job to make sure of data security.

But they have learned to see data security as something positive. A business enabler than it being a cost center. As it should be, right?

Meaning CISOs think that they bring real value to their business. Making it clear with the high 40% of them saying it is a business enabler.

Which is higher than the CEO not having the same belief at only 20%.

We can see where the view of CEOs is rather than on data security as an asset. More than half of them see it as brand protection. In contrast, not even 20% of CISOs think so.

Thus, making us see what each of their focus are. CISOs think data security brings value and not a cost center. While CEOs think it is for brand protection.


Yes, both CISOs and CEOs do not have the same view about data security. But, at the end of the day, the two of them need to work together.

So, the CISOs can focus more on the technical side of data security. While the CEOs focus on the business side of what data security can bring.

Together, they can protect their company while letting it grow.

Our Score

Leave a Reply

Your email address will not be published. Required fields are marked *