CISO Role Evolution to Executive-Level Positions

First reported

15.01.2026 16:00

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

The role of the chief information security officer (CISO) is increasingly recognized as an executive-level position, reflecting its growing importance in business strategy. According to IANS' 2026 State of the CISO Report, 46% of CISOs now hold executive titles, while 27% are VPs and 27% are directors. This shift signifies a structural change in security leadership, with CISOs expected to act as enterprise-wide strategists rather than just technical leaders. However, this elevation comes with greater demands, including wider accountability and intensified oversight from senior leadership and boards. The report highlights that over half of CISOs have seen their roles expand over the past year, taking on responsibilities such as SecOps, security architecture, GRC, app security, IAM, compliance, supplier risk management, BC/DR, and product security. Despite this, 52% of CISOs feel their scope is no longer fully manageable, particularly in smaller organizations, which could delay strategic initiatives and increase reactive security measures. Additionally, the report notes a split in security models, with 64% of CISOs still reporting to IT (typically the CTO or CIO), while 36% report to business functions like the CEO, CFO, COO, CRO, or general counsel. This split is more pronounced in larger firms ($1bn+ revenue) and smaller organizations (under $1bn revenue).

Timeline

15.01.2026 16:00 1 articles · 5h ago

CISO Role Evolution to Executive-Level Positions
The role of the CISO is increasingly recognized as an executive-level position, with 46% of CISOs now holding executive titles. This shift signifies a structural change in security leadership, with CISOs expected to act as enterprise-wide strategists. However, this elevation comes with greater demands, including wider accountability and intensified oversight from senior leadership and boards. The report also notes a split in security models, with 64% of CISOs still reporting to IT, while 36% report to business functions.
Show sources

CISO Role Reaches “Inflexion Point” With Executive-Level Titles — www.infosecurity-magazine.com — 15.01.2026 16:00
Open in new tab

Information Snippets

46% of CISOs now hold executive titles, while 27% are VPs and 27% are directors.
First reported: 15.01.2026 16:00

1 source, 1 article
Show sources
- CISO Role Reaches “Inflexion Point” With Executive-Level Titles — www.infosecurity-magazine.com — 15.01.2026 16:00
Over half (53%) of CISOs reported an expansion of their role over the past year.
First reported: 15.01.2026 16:00

1 source, 1 article
Show sources
- CISO Role Reaches “Inflexion Point” With Executive-Level Titles — www.infosecurity-magazine.com — 15.01.2026 16:00
52% of CISOs feel their scope is no longer fully manageable, especially in smaller organizations.
First reported: 15.01.2026 16:00

1 source, 1 article
Show sources
- CISO Role Reaches “Inflexion Point” With Executive-Level Titles — www.infosecurity-magazine.com — 15.01.2026 16:00
64% of CISOs still report to IT, while 36% report to business functions.
First reported: 15.01.2026 16:00

1 source, 1 article
Show sources
- CISO Role Reaches “Inflexion Point” With Executive-Level Titles — www.infosecurity-magazine.com — 15.01.2026 16:00