The role of a Chief Information Security Officer (CISO) revolves around risk. The CISO’s job is to identify, manage, and, where possible, mitigate risks in a manner consistent with the enterprises business goals. An enterprise on the receiving end of an incident may not only suffer data loss, physical destruction, and service interruption, but also devastating reputational damage compounded by regulatory sanctions. The role has assumed an outsized importance due to the potential for a perfect storm resulting from a breach or other successful attack.”]
Source: https://informationsecuritybuzz.com/articles/5-ways-cisos-can-improve-cybersecurity/