CISOs must understand how the business makes money and the processes that create value, authors say. Security is not foundational to generating revenue in most companies, so security competes for visibility with executive leadership. CISOs are most often still perceived as technology geeks who dont think broadly enough to be part of the business conversation. The authors say CISOs need to understand the business of their organization and understand how it makes money. They also need to be aware of the risks they face, such as competitive risk, inflationary risk, market risk, political risk, operational risk.”]
Source: https://www.csoonline.com/article/3586741/why-cisos-must-be-students-of-the-business.html