The second “CISO (Chief Information Security Officer) in the spotlight” survey analyses the evolution of the CISO’s role over the past two years in Luxembourg


Conducted by the CPSI (College des Professionnels de la Sécurité de l’information) and PwC Luxembourg, the survey shows that, despite being under-represented in management committees (only 13% occupy a seat), a CISO, today, serves as a technical expert with clear business understanding and a risk mindset. The study also shows that 76% of CISO's now hold a full-time position, compared to just 53% two years ago.

<< Back
13/02/2019 |
  • Crystal Park

Rise of the CISO: The gradual coming of age of a role and an organisational culture

With the growing awareness that information security breaches expose organisations to severe operational, legal, financial and reputational risk, businesses are realising the benefits of embedding security consciousness, and hence the role of a CISO, into the organisational culture, and making it a core competency.

This is reflected in the latest CISO survey, conducted jointly by the CPSI and PwC Luxembourg. Compared to the results from the 2016 survey, this year’s report shows significant progress in various aspects related to a CISO’s role in an organisation.

There is a growing recognition of allocating a full-time role for the CISO/ISO (Information Security Officer) position. In 2016, just over half of the respondents reported that CISO/ISO roles were full-time. Today, over three quarters consider it to be a distinct, full-time job.

Whereas in 2016 no CISO/ISOs reported working at the executive committee level, today 13% report to the CEO. “The growing proximity to the CEO reflects the recognition of the CISO/ISO as being an executive level contributor, and the organisational seriousness towards information security,” said Greg Pitzer, Partner and Cybersecurity leader at PwC Luxembourg.

The report also shows that for nearly all companies, information security is a priority. As many as 65% of the companies that responded to the survey see it as being a necessity for their organisations. Companies that see information security as an enabler also value the opinion of their CISO/ISOs and take it into account in their decision making process. “If an existing configuration within a company affects the ability of a CISO/ISO to raise security concerns freely, they need to discuss this with the management to make sure they are involved in strategic information security-related decision-making,” added Pitzer.  

A role both complex and gratifying

Most CISO/ISOs (85%) admit that their jobs have become more complex than they were in 2016 due to the fact that the world has become increasingly interconnected and dependent on cloud technology. The key aspect that plagues CISO/ISOs is the reality that people are the weakest link in an organisation. The lack of qualified security professionals and negligent employees working in a complex IT environment are prone to cause the most damage.

“Companies need to establish a cybersecurity culture where everyone has the responsibility to observe and promote security practices and to behave in a way that is aligned with the information security strategy of a company,” said Rodolphe Mans, President, CPSI.

But, despite the increasing complexity of their job, the majority (92%) of the CISO/ISOs consider their role to be great and satisfying. For more information, read the full report here.

Back to top  | << Back

Communiqués liés

RTL Croatia HD-1280 (002)

RTL Croatie choisit BCE et SGT (Hexaglobe Group) pour renouv...

Le groupe audiovisuel RTL Croatie souhaitait migrer son infrastructure, en servi...

The Adecco Group Brand Mark Port RGB
22/01/2020 Evènements
OCSiAl RD lab (002)
22/01/2020 Evènements

OCSiAl appelle les scientifiques luxembourgeois et internati...

Les TUBALL Awards récompensent chaque année les chercheurs pionniers qui trava...

thumbnail b

Lancement d'une liaison ferroviaire intermodale entre Bettem...

LKW WALTER, Stena Line, Port de Kiel et CFL multimodal sont heureux d'annoncer l...

CFL multimodal
FLH FitLine Partners~ Announcement 1

FitLine devient partenaire de la Fédération Luxembourgeois...

PM-International AG, basé à Schengen, avec sa marque de compléments alimentai...

PM-International AG
Bernard Moreau Labgroup (002)

Lab Luxembourg S.A. (Labgroup), vers l’autonomie énergét...

Certifiée ISO 14001 depuis octobre 2019, Labgroup continue ses engagements enve...


Il n'y a aucun résultat pour votre recherche

We use cookies to ensure the best experience on our website. By accepting you agree the use of cookies. OK Learn more