ABSTRACT
Security is no harder than managing cashflows or penetrating new markets. All are disciplines that require a particular expertise. It just so happens that information security, at present, has a lower number of established leaders because it has not been around for as long, and it is highly related to a field that is evolving rapidly. Being a Chief Information Security Officer (CISO) is just as difficult as being a Chief information officer (CIO) or CTO, which is, incidentally, one more reason why they should be peers. A favorite statement of candidates to the position of CISO, this is dangerous. The right kind of CISO can serve as a bridge between the needs of the business and the risks related to the use of technology in supporting those needs. It is just like the CIO who is serving to translate those same business needs into applied technology that is the best way to support those same needs.
