Trends Report

CISOs Reporting To CEOs Solves Most Cybersecurity Problems

Enterprise IT Has Held Cybersecurity Back Long Enough

February 21st, 2023
With contributors:
Joseph Blankenship , Jess Burn , Allie Mellen , Zachary Dallas , Jen Barton


Until recently, most security leaders were C-level in title only, proxied away from the executive leadership team and board of directors by reporting to IT leaders: CIOs, vice presidents, or IT directors. This report segments security leader reporting structures into three groups: IT, CEO-aligned, and risk-aligned using Forrester’s Security Survey, 2022. Reporting to the CEO unlocks security’s ability to contribute meaningfully to the company’s strategic objectives and leads to a better culture on security teams. Security leaders can use this report to compare how reporting structures impact security programs to make the argument that they should report directly to the CEO.

Want to read the full report?

Contact us to become a client

This report is available for individual purchase ($1495).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.