Dive Brief:
- Half of CIOs are prioritizing security management this year, as CEOs push for IT and data security upgrades to reduce corporate risk, according to IDG's annual CIO survey, which included responses from almost 1,000 heads of IT and 250 line-of-business participants.
- Increasing cybersecurity protections is the top business initiative for 2022, especially for IT leaders in the government, education, manufacturing and healthcare sectors. Respondents cited socioeconomic factors as driving the focus on security, the report said.
- The majority of IT leaders, 76%, expect to be more involved in cybersecurity this year, while maintaining their role as the primary technology decision maker, the report said. This is particularly true for CIOs in government, healthcare and manufacturing. Security and risk management skills are also the top skills CIOs are expected to seek this year.
Dive Insight:
Without visibility into a company's tech stack, a CISO's ability to defend a network is weakened. Software complexity is a top challenge for CIOs and CISOs.
The reporting structure between CIOs and CISOs varies. With IT and security demands sometimes at odds, many CISOs report directly to the CEO. However, a direct CIO-to-CISO rapport gives leaders insights into the network and what is necessary to defend it.
The majority of CIOs engage with their CEOs more than other C-suite executives, while engagement is evenly split between CISOs and CTOs, a 2021 IBM report found. The survey was based on 2,500 responses from CIOs and 2,500 responses from CTOs between May and September 2021.
IBM found that cybersecurity is among the shared responsibilities of the CIO and CTO.
Nearly three in five respondents (57%) cited security improvements as a driver for their budget increases this year, according to IDG. The top technology investments for 2022 are in security and risk management, followed by data and business analytics, and application and legacy system modernization. Upgrades to IT infrastructure came second to security improvements as reasons for budget increases, IDG found.
The increased focus on cybersecurity can bridge potential technological gaps between IT and the security organization. SolarWinds, for example, is a tool CIOs were likely familiar with, Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency (CISA), said during a virtual Gartner conference in October. CISOs "may not have had as deep an understanding of the Orion product and platform," or of the software's criticality in maintaining network operations, Krebs said.
CIOs and CISOs play equal roles in defensive collaboration — each has a responsibility to demand higher security standards from the vendors they work with. CISOs have the responsibility of shedding light on risk, not necessarily on security practices, for their C-suite counterparts.