The complexity of technology means that organizations need their technology and security teams to work together to develop and implement solutions. In particular, companies need their CIO and their CSO to work in collaboration to achieve the company’s objectives. Here are some ways they can achieve this.
Have both parties share their similarities in roles.
One of more common issues between the CIO and the CSO is their approach to the job. While CIOs enjoy taking risks with new platforms, CSOs have to look at the security risks involved with new programming, which can lead to miscommunication between the two departments. Instead of butting heads on differences in job responsibilities, Jo Stewart-Rattray, who is the director of information security and IT assurance at BRM Holdich, recommends that both parties discuss the similarities in their jobs. By doing this they can accomplish two things:
• Both parties will notice many similarities in what each position entails and the differences they discover won’t be as far as first perceived.
• It sets a healthy framework for collaboration by both parties. When each examines the other’s position with an open-mind, it develops the foundation for collaboration.
Open communication throughout the organization.
In a security survey conducted by the Global State of Information, respondents noted that their biggest obstacles to security are a lack of strategy from a security standpoint and a lack leadership that understands how innovations of future business needs impact the company’s security. Simply, this means there’s a lack of communication between the executive, information, and security departments. This represents a significant concern because without open communication from all parts, it can make it difficult to achieve future business objectives. This is why it is imperative that there is open communication between the CIO and the CSO.
By doing so, they can open a healthy flow of information and collaboration between the security and information technology departments that way during new implementations IT isn’t vulnerable after they consider all security risks.
Both parties need to report to each other.
Another area of disconnect in organizations is when the CIOs or CSOs report directly to the CEOs instead of to each other. The problem with this is it can create rift between both positions because it inhibits the flow of information to each department. This is why it is vital in an organizational structure that the CIO and CSO work in collaboration with the CEO or executive board.
By doing so, it opens a dialogue between all parties involved. Benefits are these:
• The executive committee knows security risks for new technology.
• The IT department understands the vulnerabilities associated with new platforms.
• The security department is able to evaluate risk on new platforms.
The result is open communication whereby each part works together to achieve the company’s objectives in a safe manner.
Overall, CIOs and CSOs must work together. When they do this, they create a partnership where both departments collaborate during the designing and implementation process to make new transitions smooth and safe.