Cybersecurity and the risk function
Most CEOs of large organizations are convinced of the existential dimensions of cyberrisk. The most savvy have begun to approach cybersecurity with an enterprise-wide perspective, involving the teams of the chief information security officer (CISO), the chief information officer (CIO), and the chief risk officer (CRO), as well as the business units. A true partnership between these teams is the optimal approach, having emerged from a recognition that no single leader or team can gain the complete perspective needed to be effective in the cyberdomain. No one group within a company could manage the number and types of internal and external threats, the complex technological landscape, and the many actions needed to address vulnerabilities associated with people and technology. They rather need to work together.