{"id":4142,"date":"2026-01-17T09:39:03","date_gmt":"2026-01-17T09:39:03","guid":{"rendered":"https:\/\/ft365.org\/index.php\/2026\/01\/17\/ciso-role-reaches-inflexion-point-with-executive-level-titles\/"},"modified":"2026-01-17T09:39:03","modified_gmt":"2026-01-17T09:39:03","slug":"ciso-role-reaches-inflexion-point-with-executive-level-titles","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2026\/01\/17\/ciso-role-reaches-inflexion-point-with-executive-level-titles\/","title":{"rendered":"CISO Role Reaches \u201cInflexion Point\u201d With Executive-Level Titles"},"content":{"rendered":"
\n

\"Photo<\/p>\n<\/div>\n

\n

The role of chief information security officer (CISO) is now more likely to be regarded as an executive-level position than VP or director, signifying its growing importance to the business, according to IANS.<\/p>\n

The research and advisory firm put together its 2026 State of the CISO Report <\/em>based on interviews with 662 North American CISOs.<\/p>\n

It revealed that 46% of respondents now hold executive titles (e.g., EVP, SVP), while 27% are VPs and 27% are directors. This indicates a \u201cstructural shift\u201d in the security leadership landscape, IANS claimed.<\/p>\n

\u201cCISOs are increasingly expected to serve not just as technical leaders, but as enterprise-wide strategists,\u201d the report noted.<\/p>\n

\u201cTheir rise to the executive ranks brings greater influence but also greater demands, including wider accountability, more cross-functional engagement, and intensified expectations and oversight from senior leadership and boards.\u201d<\/p>\n

Read more on CISO roles: CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills<\/em><\/p>\n

The challenge for CISOs interviewed for the report is meeting these greater demands with limited resources.<\/p>\n

Over half (53%) of respondents said their role had expanded over the past year. Most now have responsibility for SecOps, security architecture and engineering, GRC, app security, IAM, compliance, supplier risk management, BC\/DR\u00a0and product security.<\/p>\n

However, more than half (52%) of CISOs polled by IANS said that their scope is no longer fully manageable, especially in smaller organizations. They warned that this imbalance could delay strategic initiatives and increase the likelihood of reactive security.<\/p>\n

\u201cThe CISO role has clearly reached an inflection point,\u201d said Nick Kakolowski, senior director, CISO Research at IANS.<\/p>\n

\u201cExecutive-level titles are becoming more common, but many CISOs are still operating within legacy structures that haven\u2019t kept pace with the scope and expectations now placed on the role.\u201d<\/p>\n

Security Splits in Two<\/h2>\n

Despite executive-level recognition, most (64%) CISOs still report into IT \u2013 typically the CTO or CIO \u2013\u00a0with just 36% reporting to the business.<\/p>\n

However, this is changing, and those with executive positions are more likely to report into the CEO\/CFO\/COO\/CRO or general counsel. Some 44% do in the largest firms ($1bn+ revenue) while an even bigger share (64%) do in smaller organizations (under $1bn revenue).<\/p>\n

IANS argued that security is effectively splitting into two models:<\/p>\n