Ciso Role Reaches “inflexion Point” With Executive-level Titles

The role of chief information security officer (CISO) is now more likely to be regarded as an executive-level position than VP or director, signifying its growing importance to the business, according to IANS.

The research and advisory firm put together its 2026 State of the CISO Report based on interviews with 662 North American CISOs.

It revealed that 46% of respondents now hold executive titles (e.g., EVP, SVP), while 27% are VPs and 27% are directors. This indicates a “structural shift” in the security leadership landscape, IANS claimed.

“CISOs are increasingly expected to serve not just as technical leaders, but as enterprise-wide strategists,” the report noted.

“Their rise to the executive ranks brings greater influence but also greater demands, including wider accountability, more cross-functional engagement, and intensified expectations and oversight from senior leadership and boards.”

Read more on CISO roles: CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills

The challenge for CISOs interviewed for the report is meeting these greater demands with limited resources.

Over half (53%) of respondents said their role had expanded over the past year. Most now have responsibility for SecOps, security architecture and engineering, GRC, app security, IAM, compliance, supplier risk management, BC/DR and product security.

However, more than half (52%) of CISOs polled by IANS said that their scope is no longer fully manageable, especially in smaller organizations. They warned that this imbalance could delay strategic initiatives and increase the likelihood of reactive security.

“The CISO role has clearly reached an inflection point,” said Nick Kakolowski, senior director, CISO Research at IANS.

Source: InfoSecurity Magazine