CISO roles face responsibility without authority, causing tension. Accountability exists but not equivalent decision-making power. Discussions include CISOs as risk advisors, the persistence of outdated security practices, and redefining employees from weakest links to strong allies. Experts stress the importance of adapting to new cybersecurity landscapes, emphasizing communication's role in enhancing security culture. Additionally, participants debate the severity of security breaches in public utilities versus logistics, ultimately favoring water supply threats as more impactful due to health implications.
https://cisoseries.com/we-gave-the-ciso-risk-and-liability-and-now-they-want-authority-the-nerve/