Of course, as anyone who’s engaged in a little corporate infighting knows, often your influence within a company is most clearly defined by who you report to on the org chart. We asked companies with both CSOs and CISOs who that officer reported to, and the results were somewhat illuminating about the differences between the two.
At organizations that had a CSO, about half of those executives reported directly to the CEO or COO, while a quarter reported to the company’s top-level CIO. For CISOs, these reporting structures were almost exactly reversed: about half were under the top-level CIO’s umbrella, and a quarter answered to someone closer to the top. That seems to indicate that CSO is the title with more prestige, at least for now. (For both jobs there were a smattering of other potential bosses, including divisional CIOs and CFOs, the latter perhaps being a legacy of loss prevention falling under that officer’s purview.)