CSO (Chief Security Officer) definition

Assuming a consistent pattern of titles in companies that have a Chief Executive Officer (CEO) and Chief Information Officer (CIO), the Chief Security Officer (CSO) is the person responsible for the security of a company's communications and other business systems, especially those now exposed to intrusion from outsiders on the Internet. The CSO may also have a role, together with the CIO, in planning for and managing disaster recovery. The CSO is likely to be involved in both the business (including people) and technical aspects of security.

CSO responsibilities may include training others for security awareness, developing secure business and communication practices, purchasing security products, and ensuring that security practices are being followed. Depending on the size of a company and the perceived importance of security, a CSO may report to the Chief Information Officer or the Chief Technology Officer or, less frequently, report directly to the CEO. In companies without a CSO, the security responsibilies are usually held by the CIO or the CTO.

In October 2002, at least 200 companies are reported to have a CSO. Ed Hurley of SearchSecurity.com reports these other names for the CSO:


  • Chief Security Architect
  • Chief Information Security Officer
  • Security Manager
  • Corporate Security Officer
  • Information Security Manager
This was first published in April 2008

Continue Reading About CSO (Chief Security Officer)

Dig Deeper on Information Security Jobs and Training



Find more PRO+ content and other member only offers, here.

1 comment


Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:


File Extensions and File Formats

Powered by: