What is CISO and functions that it develops

Companies are looking for professional profiles that protect their computer systems and their data. The person responsible for all this being carried out is the CISO, who is in charge of preventing and dealing with cyber attacks.


To find this figure in companies, you must go back to the 90s of the last century. Then the information was stored in data processing centres, and the CISO was in charge of protecting it by applying the necessary protocols.

Thus, this person was the one who directed, planned, guided and coordinated the cybersecurity strategy in those organizations in which he operated.

Over time, responsibilities have increased, so today, it is a fundamental element of company decisions.

Origins of the CISO

What are the qualities of the CISO?

A CISO, from the English Chief Information Security Officer, usually has training as a computer engineer with experience in new technologies and information security.

He must also have legal and certified knowledge in information systems audits, risks and control of information systems or information security management.

But also, today, specific skills are required in business, such as communication, leadership, transversality and analytical skills.

For all these reasons, the CISO is vital to the company, not only because of his technical profile but also because he is involved in the company’s strategic processes.

What does the Chief Information Security Officer do?

The CISO is the person who directs the implementation of a security system in the business organization.

Among the most notable functions that a Chief Information Security Officer should have:

  • Align security strategy with business objectives.
  • Provide specific regulations on security issues and ensure that all comply with them.
  • Prevention, detection and analysis of vulnerabilities.
  • Inform the hierarchies of the organization of the problems related to cybersecurity.
  • Respond quickly to any incident related to cyber-attacks.
  • Provide training within the organization on information security.

More and more CISO professionals are needed, and they are joining the boards of directors of companies; their decisions are taken into account for future business strategies.

This shows that organizations are increasingly aware of the importance of cybersecurity for their future and chances of success.

Related Posts