The CISO as Business Resilience Architect – Dark Reading

To truly become indispensable in the boardroom, CISOs need to meet the dual demands of defending against sophisticated adversaries while leading resilience strategies.
March 12, 2025
COMMENTARY
It's been a tough few years for the CISO. Regulations across the globe have now made those holding the role of chief information security officer personally accountable in the event of a breach, from the Securities and Exchange Commission (SEC) demanding to know management's role in assessing and managing material risks to the European Union's NIS2 Directive, under which C-level execs can be suspended. It's created a culture of blame, and the year ended with 77% of CISOs wondering if the next data breach will cost them their jobs.
Another consequence of increasing regulation is that CISOs are now swamped with compliance demands. They need to ensure the company meets its obligations concerning data protection such as the General Data Protection Regulation (GDPR), financial governance such as the Digital Operational Resilience Act (DORA), and other industry-specific legislation, as well as standards and benchmarks. This has proven to be a double-edged sword, as while it has helped put cybersecurity on the boardroom agenda, it has also seen the CISO's workload expand, with Gartner predicting 45% will see their remit move beyond cybersecurity by 2027.
At the same time, technical demands have also increased as threats have evolved. It's now much more common for attacks to operate below the radar, so there's been a shift from traditional detection toward observing and predicting behavior and intent. 
As a result, many solutions have been found wanting, with 44% of CISOs reporting they were unable to detect a data breach in the past year using their existing security tools. API security is a classic example. While many organizations have gone API-first in their service delivery models, they've continued to rely on signature-based Web application firewalls (WAFs), or on the rudimentary security offered as an adjunct to API gateways, rather than opting for a dedicated behavior-based solution. A signature-based control matches individual requests against known attack payloads; it has nothing to say about a client that sends perfectly well-formed requests but walks through object identifiers one at a time, which is the kind of low-and-slow abuse that a behavior-based control is built to see.
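To make the contrast concrete, the following Python compares the two approaches over a small API access log. This is an added example written for this page, not code from the original article or from Cequence; the log format, IP addresses, endpoint names, attack strings and thresholds are all constructed assumptions for illustration.

```python
import re
from collections import defaultdict, deque
from urllib.parse import unquote

# Constructed sample log (not real traffic). Format: "<epoch> <ip> <METHOD> <path> <status>".
# 192.0.2.10  : an ordinary user reading their own record.
# 203.0.113.5 : one request carrying a classic SQL injection payload (URL-encoded).
# 198.51.100.7: a low-and-slow enumeration of user IDs, one well-formed request every 2 s.
SAMPLE_LOG = [
    "1700000000 192.0.2.10 GET /api/v1/users/1005 200",
    "1700000005 192.0.2.10 GET /api/v1/users/1005/orders 200",
    "1700000010 203.0.113.5 GET /api/v1/search?q=1%20UNION%20SELECT%20username,password%20FROM%20users 400",
] + [
    f"{1700000000 + 2 * i} 198.51.100.7 GET /api/v1/users/{1001 + i} 200" for i in range(30)
]

# A handful of WAF-style payload signatures (illustrative, not a production rule set).
SIGNATURES = [
    re.compile(r"union\s+select", re.I),
    re.compile(r"'\s*or\s*'1'\s*=\s*'1", re.I),
    re.compile(r"<script", re.I),
]

# Matches a purely numeric path segment such as /1001 in /api/v1/users/1001.
ID_SEGMENT = re.compile(r"/\d+(?=/|$)")


def parse_line(line: str) -> dict:
    ts, ip, method, path, status = line.split()
    return {"ts": int(ts), "ip": ip, "method": method, "path": path, "status": int(status)}


def signature_alerts(events: list[dict]) -> list[tuple[str, str]]:
    """Signature-based check: flag any single request whose decoded path matches a known payload."""
    hits = []
    for ev in events:
        decoded = unquote(ev["path"])
        if any(sig.search(decoded) for sig in SIGNATURES):
            hits.append((ev["ip"], ev["path"]))
    return hits


def template(path: str) -> str:
    """Collapse object IDs so /api/v1/users/1001 and /api/v1/users/1002 share one endpoint template."""
    return ID_SEGMENT.sub("/{id}", path.split("?")[0])


def behavior_alerts(events: list[dict], window: int = 60, max_distinct_ids: int = 10) -> set[tuple[str, str]]:
    """Behavior-based check: flag a (client, endpoint template) pair that touches more than
    max_distinct_ids distinct object IDs inside a sliding window of `window` seconds.
    Every individual request may be perfectly legitimate-looking; only the pattern is suspicious."""
    alerts = set()
    recent: dict[tuple[str, str], deque] = defaultdict(deque)  # key -> (ts, object_id)
    for ev in sorted(events, key=lambda e: e["ts"]):
        path = ev["path"].split("?")[0]
        match = ID_SEGMENT.search(path)
        if not match:
            continue  # no object ID in this request; nothing to enumerate
        key = (ev["ip"], template(path))
        bucket = recent[key]
        bucket.append((ev["ts"], match.group(0)))
        cutoff = ev["ts"] - window
        while bucket and bucket[0][0] < cutoff:
            bucket.popleft()
        if len({obj_id for _, obj_id in bucket}) > max_distinct_ids:
            alerts.add(key)
    return alerts


def analyze(lines: list[str]) -> dict:
    events = [parse_line(line) for line in lines]
    return {"signature": signature_alerts(events), "behavior": behavior_alerts(events)}


if __name__ == "__main__":
    result = analyze(SAMPLE_LOG)
    print("signature hits:", result["signature"])
    print("behavior alerts:", result["behavior"])
```

Run against the constructed log, the signature check catches only the single injection attempt from 203.0.113.5, while the enumeration client 198.51.100.7 never trips it because each of its requests is syntactically clean. The behavior check flags that client on the `/api/v1/users/{id}` template once it exceeds ten distinct IDs in a minute, and leaves the ordinary user alone. The threshold and window are the parameters a real deployment would have to tune against a baseline of normal per-client behavior.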
Many CISOs are also expected to oversee the integration of AI into the enterprise in line with frameworks such as ISO 42001. If mishandled, generative AI (GenAI) threatens the confidentiality, integrity, and availability (CIA) that underpins data protection. What's more, the emergence of agentic AI, which will allow autonomous decision-making, raises the stakes even further. While it promises to bridge the skills gap and free up human resources by augmenting teams and making recommendations on courses of action, it could lead to disastrous results without adequate guardrails.
There's been much discussion over what this all means for the role of CISO. Will it split into two roles, one tasked with governance, risk, and compliance (GRC) and strategy, the other with technology, cyber hygiene, and keeping the lights on? Or will we see additional roles emerge, such as the chief AI officer (CAIO)? The trouble with this fragmentation is that we have already seen the C-suite double in size over recent years. That can hamper the board's ability to make decisions quickly, potentially leading to missed opportunities.
What's more likely and more advantageous for the business is for the CISO's role to evolve into the architect of business resilience across the enterprise. In effect, AI will act as an emancipator, significantly reducing the need for CISOs to focus on defense and continually firefight. As they no longer need to focus on leading cyber-defense efforts, they will be free to view and interpret cybersecurity in the wider context of the company.
Armed with more oversight, the CISO will play a pivotal role in translating cybersecurity investments in terms of their measurable effects on business continuity and revenue. They will strive to design and refine the security architecture to promote resilience, enabling the business to cope with and adapt to the shocks and disruption attacks bring. And they'll embed security into every corner of the business, fostering a culture of resilience that strengthens defenses while supporting growth. 
In fact, the role will move closer to that of an enterprise architect (EA), who harnesses both technology and business strategy to fulfill business transformation and optimization goals from an IT perspective. Like the CISO, EAs sit between IT and senior management, but they oversee the technical architecture and its road map, planning for and integrating emerging technologies that confer operational advantage. Security architecture can be aligned with, and considered a subset of, EA; looking to the future, we could well see a merging of the two, overseen by the CISO.
It's an intriguing prospect that is likely to attract more interest in the role, which is welcome news given that recent reports suggest 24% of CISOs want to resign. But to get there, CISOs will need to meet the dual demands of defending against sophisticated adversaries while leading resilience strategies, both of which will make the CISO truly indispensable in the boardroom.
Randolph Barr
CISO, Cequence Security
Randolph Barr is a seasoned chief information security officer with more than two decades of experience in cybersecurity, IT, and risk management. He has led the development and expansion of security programs across various industries, establishing foundational frameworks that not only address immediate threats but also scale with business growth. Randolph’s expertise has enabled organizations to achieve recognized security certifications and third-party attestations, ensuring security governance and compliance. Committed to fostering a collaborative environment within the security community, he focuses on sharing and learning from experiences to strengthen collective defences against bad actors. Equally, Randolph emphasizes building transparency within security programs to enhance trust and demonstrate a strong commitment to safeguarding customer interests. His strategic initiatives in offensive security and risk management have significantly reinforced security resilience. Randolph holds a CISSP certification, dual bachelor’s degrees in computer science and business administration, and has completed advanced studies in artificial intelligence (AI) at UC Berkeley.
