The Rise of the CISO and Cybersecurity Tool Development

PwC released its Global State of Information Security® Survey 2017 which is based on responses of 10,000 C-level executives from over 133 countries.  In the results PwC found that “59% of survey respondents say they are boosting their spending on security as a result of digitization.”  Hidden within the survey is the growing importance of the Chief Information Security Officer (CISO) and also what it means for developers of cybersecurity tools.

David Burg, PwC’s U.S. and global leader of cybersecurity and privacy, put it best in an interview with Clint Boulton of  “What’s becoming clear is that senior execs — CEOs, marketing chiefs and others who worry about digital — are turning to CISOs and saying, OK how do I solve this? … It’s an important pivot. To remain competitive, organizations today must make a budgetary commitment to the integration of cybersecurity with digitization from the outset.”

At the New York Metro Joint Cyber Security Conference, a panelist made an interesting analogy between the rise of the CISO and the historic rise of Human Resources.  He said that if you followed the development of organizational charts from the early 1900s to today you would see the Human Resources department moving from the bottom of the organizational chart all the way up to the C-Suite.  He predicts that the same is and will continue to happen to the CISO position.

So what does this mean for developers of cybersecurity tools?

The rise of the CISO presents cybersecurity developers with a unique opportunity.  As cybersecurity planning moves earlier in the product development cycle, cybersecurity developers will be able to design their solutions as development tools, not bolt-on solutions.  Part of this effort includes reusing existing systems rather than reinventing the wheel.  For instance, in the past it might have been necessary to give administrators another database to manage, but now developers will be able to use existing protocols and communicate with existing databases.  This is a huge benefit and is something TELEGRID has already taken advantage of with its Privileged Access Management System.

If cybersecurity experts are engaged earlier in the development lifecycle, we can design solutions the way they are supposed to be.  As a company of engineers, TELEGRID knows that having a seat at the table early in the design process is very important.


Eric Sharret is Vice President of Business Development at TELEGRID.  TELEGRID has unique expertise in secure authentication, PKI and Multi-Factor Authentication (MFA).


Disclaimer: The opinions expressed here do not represent those of TELEGRID Technologies, Inc.  The Company will not be held liable for any errors, omissions, or delays in this information or any losses, injuries, or damages arising from its display or use.  All information is provided on an as-is basis.