Barry Caplin, Chief Information Security Officer at Fairview Health Services, discussed the differences between chief information security officers and chief information officers during his presentation at the 2014 Chief Information Officer Leadership Forum in Chicago on June 19. In his presentation, "CISOs Are from Mars, CIOs Are from Venus," Caplin noted CISOs and CIOs utilize different tools and perform different functions daily.
Many CISOs report to a CIO, Caplin said, while CIOs typically report to a chief financial officer or chief risk officer. In addition, Caplin pointed out CISOs and CIOs essentially speak different languages because they deal with different threats. However, he also noted financial data integrity is important for both CISOs and CIOs: "We're both concerned with the coherence of financial data. We've got financial systems. They have to be working well. At the end of the day, whatever kind of business we’re in, we've got to make money, we've got to get paid. It's got to work."
A united front on data breaches is crucial for CISOs and CIOs, according to Caplin. If a CISO or CIO cannot manage a data breach, Caplin said, both of these professionals could put their jobs at risk: "Our CIO could be in a situation where he or she is considering interim opportunities. Many of us know organizations where this has happened and you know what? The CISO is in the same boat. We don't necessarily have a lot of longevity going for us either. CISO could stand for career is soon over. That’s not where any of us want to be."