For information governance (IG) professionals, the chief security officer (CSO) can be a key partner and advocate. Information governance depends on creating a team out of the disparate departments throughout your organization — a team of people who are the best at what they do. To build this team, there are two prerequisites:
- A focused goal
- Support from the upper management of your organization
The “focused goal” of most organizations in today’s world concerns cybersecurity, but the most important of these two factors is the support of upper management. You need a sponsor and a champion who has the ear of your organization’s board and the political support from them to get the job done.
How the CSO Can Support Information Governance
This is where the CSO comes in, and IG professionals need to establish a relationship with them if they haven’t already. Of enterprise organizations, 62% report that they currently have a CSO and that the CSO regularly briefs the board on security matters important to the organization, according to research by IDG.
Over the years, the chief security officer has been known by a number of titles. The most prevalent of those old titles is the “chief information security officer.” The word “information” was eventually dropped because it was implicitly understood, since technology has become central to every facet of our work lives. The CSO is now the de facto head of all the activities surrounding organizational security.
They are responsible for determining the organization’s business needs, along with the technical requirements and the best solutions so they can make a recommendation to the board. Once the board has given its approval, the CSO is responsible for evaluating and selecting a vendor, and then for authorizing the solution’s purchase.
As if this isn’t enough responsibility, consider that 52% of organizations expect to increase security spending in the future, according to IDG. Organizational spending priorities break down as follows:
- Adding new technologies — 46%
- Conducting audits and assessments — 34%
- Redesigning the organization’s cybersecurity system — 32%
- Adding new skills and capabilities — 24%
These priorities are exactly what information governance is all about. It’s clear that the CSO is an essential position within organizations across many industries. IG professionals have the knowledge and skills to be a very valuable asset to the CSO and their ever-growing priorities. If you haven’t introduced yourself to the CSO, you need to. This is definitely one relationship that needs to be cultivated.