The Role and Understanding of Chief Information Security Officers (CISOs) in Australian Businesses

More than four-in-five Australian businesses are now equipped with a Chief Information Security Officer (CISO), marking a significant hiring boom in 2023, according to a recent study by Fastly, a leading global Edge cloud platform provider.

The study revealed that 81% of Australian businesses already have a CISO in place, with an additional 11% planning to hire one within the next two years. Despite this surge in CISO hiring, there remains a widespread misunderstanding of the role among IT professionals.

Fastly’s data highlights that 25% of IT leaders believe CISOs are often wrongly held accountable for cybersecurity incidents that are not their fault, with another 22% mistakenly attributing such responsibility to security managers and engineers.

Furthermore, there is discrepancy in the perception of the CISO’s responsibilities, with 42% of IT leaders considering them crucial in safeguarding the business from threats, while 45% believe they should possess comprehensive IT knowledge. Additionally, 27% feel that CISOs are burdened with excessive legal and operational duties.

Marshall Erwin, CISO at Fastly, emphasized the evolving nature of the CISO role, noting that in 2024, CISOs are viewed more as business leaders overseeing cybersecurity strategy. Erwin stressed the importance of organizations gaining a better understanding of the CISO role to enhance their cybersecurity posture.

Fastly’s comprehensive report, “The Race to Adapt: How your cybersecurity posture is affecting your business’s bottom line,” based on insights from nearly 1,500 global IT decision-makers, offers practical advice for strengthening security strategies.