The need for robust cybersecurity spreading out across the enterprise is changing the role of chief security officer, as executives who were once focused on a defined set of potential threats find themselves grappling with issues as diverse as privacy, brand reputation and compliance. "We used to just look at these as security risk indicators," said Greg Thompson, vice president of enterprise security services and deputy CISO at Scotia Bank. "Now, they are key risk indicators. We now look beyond information security and try to understand the rest of the picture."
Chief security officers face expanding duties as risks multiply