Security needs to have a seat at the table in the boardroom after a Target breach. Security is like a football team not having a quarterback calling the plays in order to win many games. The CIO and CSO need to be peers and have equal representation in board room. The security defined by the CSO should be based on metrics that demonstrate an organizations acceptable level of risk, offer clear guidelines on what must be done, and provide an easy way to measure compliance. In five years, most organizations will have a CSO that directly reports to the executive team.”]
Source: https://www.darkreading.com/attacks-breaches/cio-vs-cso-allies-or-enemies-