VIRTUAL CISO

The chief information security officer (CISO) is the executive responsible for an organization's information and data security. While in the past the role has been rather narrowly defined along those lines, these days the title is often used interchangeably with CSO and VP of security, indicating a more expansive role in the organization.

Security operations: Real-time analysis of immediate threats, and triage when something goes wrong

Cyberrisk and cyber intelligence: Keeping abreast of developing security threats, and helping the board understand potential security problems that might arise from acquisitions or other big business moves

Security architecture: Planning, buying, and rolling out security hardware and software, and making sure IT and network infrastructure is designed with best security practices in mind

Identity and access management: Ensuring that only authorized people have access to restricted data and systems

Data loss and fraud prevention: Making sure internal staff doesn't misuse or steal data

Program management: Keeping ahead of security needs by implementing programs or projects that mitigate risks — regular system patches, for instance

Investigations and forensics: Determining what went wrong in a breach, dealing with those responsible if they're internal, and planning to avoid repeats of the same crisis

Governance: Making sure all of the above initiatives run smoothly and get the funding they need — and that corporate leadership understands their importance