Summary
When done right, the CSO role is an integral part of an organization’s overall risk management architecture. When done wrong, the CSO role is an expensive paper pusher that could hold back key initiatives. Organizations need to carefully and continually assess their CSO role to make sure that overall information security efforts are matching business needs and outcomes.