Sergey Nivens - Fotolia

Get started Bring yourself up to speed with our introductory content.

How do chief data officers affect the role of the CISO?

Chief data officers are becoming more common in enterprises, but how does the presence of this c-level affect the CISO's role? Expert Mike O. Villegas discusses.

Gartner is predicting the rise of chief data officers in organizations. What exactly is a CDO? What are their responsibilities?...

How will their presence affect CISOs?

The challenge of protecting data and access to data has existed since the beginning of time. The CISO's role is to ensure proper protection is deployed based on risk and the need to know. Over time, new executive roles have evolved with the chief information risk officer; chief privacy officer; and, more recently, the CDO. Each has had an impact on how this challenge is confronted.

According to Gartner, today there are about 1,000 CDOs and chief analytics officers in the world, and they predict that by 2019, 90% of all global enterprises will have appointed a CDO. What is the role of chief data officers, and how will they affect the responsibilities of the CISO?

According to IBM, chief data officers must be able to understand all the different aspects of data. The CDO should drive executive actions supported by data, accelerate the enterprise data strategy to enable business transformation and reward data-driven innovation that benefits corporate performance. CDOs focus on how to turn data into dollars, but how does this affect protection of data?

Chief data officers help determine the right level of employee access to data. They should know what data exists, how it should be used, who should have access, what level of access should be granted and when it should be disposed. Historically, the CISO has attempted to accomplish this with security risk assessments, role-based access control and access controls. The CDO is typically not as technical as the CISO, but should be sufficiently aware of protection schemes to ask the CISO the right questions.

Do chief data officers threaten the CISO's ability to do the job? Not at all, the positions complement each other. This does not mean that the CISO should stay exclusively technical. The CISO should continue to strive to understand business objectives to earn and retain the respect of the audit committee and board of directors, but if the CDO's focus is to ensure proper access and protection of data, that makes the CISO's job that much easier.

Ask the Expert:
Have questions about enterprise security? Send them via email today. (All questions are anonymous.)

Next Steps

Check out this description of the first 90 days of four CDOs

Learn more about the state of chief data officers

Find out how big data affects the need for chief data officers

This was last published in June 2016

Dig Deeper on Information security program management