Let’s face it titles matter. By title, I am referring to your business title. In this case the reference is to the title of the one in charge of Cybersecurity. This may seem trivial. But outside of your place of employment this matters. It tells the outside world a lot about who they are interacting with and where you are in your career. And if you are very much involved in the industry (outside of your day job) then your business title is that much more important.
The Chief Information Security Officer (CISO) business title is probably the most known related to Cybersecurity and/or Information Security, this is especially so at executive levels.
But what about a CISO that also oversees areas like Site Reliability Engineering (SRE), Devops, Devsecops and/or IT Security? As of late I have seen a role titled “Chief Cyber Officer” and that may cover these other areas as they could be considered not purely security in nature. This is of course arguable given that SRE and Devops functions ultimately play into the “availability” tenet of the CIA triad.
Here are some examples of other relevant business titles I have encountered. They ultimately play the same role as a CISO (even if at varying levels):
- Business Information Security Officer (BISO)
- VP of Cybersecurity
- SVP of Cybersecurity
- Senior Director of [Cybersecurity | Information Security]
- Director of [Cybersecurity | Information Security]
Ultimately, an organization needs someone in a role that has the last word on cyber/information security matters. No matter the role, this is the title of the one in charge of Cybersecurity. It requires a proper business title. If your role is not properly titled, your external persona is being done an injustice.