Whether a company has someone with the title "CISO" or not matters very little to how they design security into their products. The term "DevSecOps" is designed to eliminate the need for a discrete "security" workforce.
To answer the question more directly: I've worked with 10,000+ employee companies with no CISO and I've worked with <1,000 employee companies with separate CTO, CIO, and CISO roles. At the executive level, job titles are more of suggestions than strictly defined silos. It all depends on how the company is organized and what their strategic priorities are.