Federal Chief Information Security Officer
The office of the Federal Chief Information Security Officer of the United States (CISO) was created on September 8 2016. The role of the CISO is to guide cybersecurity policy, planning, and implementation in the U.S. Federal Government. The first appointment to this position was Gregory Touhill, who stepped down in January, 2017 and was replaced by Grant Schneider (formerly the Deputy CISO).
Having a CISO or the equivalent function in the organization has become a standard in business, government, and non-profit sectors. Throughout the world, a growing number of organizations have a CISO. By 2009, approximately 85% of large organizations had a security executive, up from 56% in 2008, and 43% in 2006. In 2011, in a survey by PricewaterhouseCoopers for their Annual Information Security Survey, 80% of businesses had a CISO or equivalent. About one-third of these security chiefs report to a chief information officer (CIO), 35% to chief executive officer (CEO), and 28% to the board of directors.
In corporations, the trend is for CISOs to have a strong balance of business acumen and technology knowledge. CISOs are often in high demand and compensation is comparable to other C-level positions who also hold a similar corporate title.
Independent organizations such as Holistic Information Security Practitioner Institute (HISPI) and EC-Council provide training, education and certification by promoting a holistic approach to Cybersecurity to Chief Information Security Officers (CISOs), Information Security Officers (ISOs), Information Security Managers, Directors of Information Security, Security Analysts, Security Engineers and Technology Risk Managers from major corporations and organizations.
- Tony Scott, J. Michael Daniel (2016-09-08). "Announcing the First Federal Chief Information Security Officer". whitehouse.gov – via National Archives.
- "Annual Information Security Survey". PricewaterhouseCoopers. Archived from the original on 2012-05-03. Retrieved 27 May 2012.