Defining the Strategic Role of the Chief Information Security Officer

Sean B Maynard, Mazino Onibere, Atif Ahmad


The level of sophistication and dynamism of the security threat environment requires modern organizations to develop novel security strategies. The responsibility to strategize falls to the Chief Information Security Officer (CISO). A review of the security literature shows there has been little emphasis on understanding the role of the CISO as a strategist. In this research, we conduct a systematic literature review from the disciplines of information security and strategic management to identify specific attributes required by CISOs to become effective strategists. We discuss these attributes in the context of Information Security Management and argue that CISOs with these attributes or capabilities are better positioned to overcome the existing strategic security challenges facing organizations.


Information Security; Information Security Strategy

Full Text:

Views 3312

Maynard, S. B., Onibere, M. and Ahmad, A. (2018). “ Defining the Strategic Role of the Chief Information Security Officer, ” Pacific Asia Journal of the Association for Information Systems, 10(3), pp. 61-86.