A Chief Information Security Officer, CISO, is by definition the senior-level executive responsible for overall information security within the organization. The CISO is generally a member of the executive team and is responsible for maintaining strategy and execution related to protecting information, infrastructure, and technology.
The CISO may work closely with the CTO (Chief Technology Officer) and CIO (Chief Information Officer).
Part of a CISO’s responsibility is preventing and mitigating a breach of corporate infrastructure, with a heavy emphasis on preventing, protecting, and defending. Teams that manage privileged accounts and associated solutions like vulnerability testing, incident response, least privilege management, and security compliance policies tend to report to a central CISO.