As security threats and risk management becomes a boardroom-level concern, CISOs are being pulled in two opposing directions. Starting in 2012, I think we will see a natural bifurcation of the CISO function into two roles. Chief Security Officer (CSO) will be similar to a Chief Risk Officer but focused on the intersection of risk management and IT-based business processes. CSOs will also be the IT security interface for the compliance, legal, public relations, and physical security teams.”]
Source: https://www.csoonline.com/article/2221267/changes-coming-to-the-ciso-position.html