Elevating Cybersecurity 2025
Page 12 of 26 · WEF_Elevating_Cybersecurity_2025.pdf
Internal stakeholders
C-suite and key allies (top leadership, such as chief financial officers, chief risk officers,
chief digital officers, chief legal officers, chief information officers)
Responsibilities of the CISO to C-suite and
key allies
–Align cyber strategy with business objectives
and collaborate with C-suite members to
ensure cybersecurity supports the company’s
growth and resilience
–Ensure alignment with business needs to
provide a strong case for cybersecurity
activities within the organization
–Provide a clear view on the cyber posture
of the organization with regard to its overall
risk tolerance and appetite; regularly report on the status of the cyber posture, including
advances, issues and resourcing needs
Responsibilities of C-suite and key allies to
the CISO
–Ensure the CISO is well equipped financially
to protect the organization and that they are
empowered to establish key relationships
within the organization
–Undertake training on cybersecurity, including
in collaboration on cyber incident response
Risk management and compliance teams
Responsibilities of the CISO to risk management
and compliance teams
–Communicate cyber risks and related
mitigating actions
–Consult and seek advice on how to align cyber
risks with overall risk appetite and tolerance
Responsibilities of risk management and
compliance teams to the CISO
–Steer the reporting of cyber risks into
enterprise risks so that they are treated as part
of the organization’s overall risk profile
–Assist in managing vendor risks
–Disseminate cyber-related regulatory requirements
to relevant (non-tech) audiences internally
Digital (IT & OT) teams
Responsibilities of the CISO to digital teams
–Develop a partnership and collaborative
relationship with an open communication line
–Provide policies, standards and guidance for
secure and resilient implementation, use and
decommissioning of key technology components
Responsibilities of digital teams to the CISO
–Communicate and report on the technological
evolution and implementation of key
technologies
–Consult and follow cybersecurity advice and
requirements
AI teams
Responsibilities of the CISO to AI teams
–Learn about new applications and uses of AI
within the enterprise
–Provide cyber-related advice in a timely
manner, taking into consideration the business
requirements, and expand traditional app-
security reviews, for example, to include ethics,
bias, model security and prompt analysis
Responsibilities of AI teams to the CISO
–Involve and consult the cybersecurity team
early in the development of new products and
services to make sure cybersecurity practices
are embedded from the outset
Elevating Cybersecurity: Ensuring Strategic and Sustainable Impact for CISOs