Facing a cyber security incident? Call our Incident Response Hotline: 1800 316 767


The evolving role of the Chief Information Security Officer

COVID-19 has magnified both the opportunities and threats of digitisation.

Organisations have made incredible strides in remote working and collaboration for employees, as well as improving digital customer experience.

But this also reminds us that physical perimeters no longer exist. With increasing reliance on third parties, and the proliferation of Internet of Things (IoT) and other devices, cyber security now involves complex ecosystems with a dramatically increased threat potential.

In a marketplace where speed to market is essential, cyber security teams are now responsible for building trust and resilience, by forging a pragmatic security culture and helping embed secure by design thinking into every aspect of digital infrastructure and data. To do this, they must see themselves as enablers and facilitators, helping others deliver services and brands that deserve cyber trust among customers, employees and society at large.

To find out more about how cyber security roles are evolving, KPMG spoke to a number of Chief Information Security Officers (CISOs) from major organisations, from a wide range of industries and regions, as well as to KPMG’s cyber security specialists from around the world.

We have identified seven actions that CISOs should take to help keep organisations resilient and competitive.


Actions CISOs should take

1. Act like you belong in the C-suite

CISOs gain more influence by aligning business and cyber security objectives.

2. Broaden your horizons

Taking on wider responsibilities calls for an open mind and an eye to the bigger picture.

3. Weave cyber security into the company's DNA

CISOs should embed cyber security into the business — making it everyone’s responsibility.

4. Shape the future cyber security workforce

Combine outsourcing, gig workers and automation to transform how capabilities are accessed.

5. Embrace automation as the rising star

Automation has huge potential for the cyber security industry, bringing a host of efficiency and workforce benefits.

6. Brace for further disruption

Adapting technically and strategically to a fast-changing world.

7. Strengthen the cyber security ecosystem

Collaboration should aid the fight against cyber threats.



Connect with us

Want to find out more? Get in touch with us today.