View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
November 10, 2022updated 16 Nov 2022 5:00pm

The rise of the chief trust officer? Vodafone security boss expects CISO role to split

Preserving trust in digital systems is increasingly vital for tech leaders, Vodafone Business's security chief said this week.

By Claudia Glover

The role of CISO is likely to split in two in the near future, with new positions created heading up security and trust in IT operations, Vodafone Business’s head of cybersecurity believes.

The future of the role of CISO is changing, says the cybersecurity lead at Vodafone. (Photo by Joe Dejvice/Shutterstock)

Andrzej Kawalec, head of cybersecurity at Vodafone Business, was speaking at the Cybersecurity Leadership Summit in Berlin hosted by analysis company KuppingerCole on Wednesday, as part of a panel on the key attributes for the CISO of the future. He said building trust in digital systems, for staff and customers, was becoming such a big part of the job that it would soon be necessary to separate it from other IT security leadership responsibilities.

The emergence of the chief trust officer

In most organisations, CISOs focus on protecting staff and systems from potential attack, as well as controlling the damage during breaches. However, even in the midst of a large-scale cyber incident Kawalec believes security leaders are thinking about the impact

“The question we increasingly think about, even in the middle of an attack, is ‘what’s the impact on our stakeholders and shareholders?’,” he said. Numerous elements need to be considered during a cyber incident that lead back to trust, he continued. “What’s the impact on the systems? How are you managing communication? What is the trust that we hold in place for our business? How is that trust seen and felt by markets?” he asked.

High-profile cybersecurity incidents, such as the recent Optus breach, can have a big impact on businesses and the way they are perceived by customers, as well as the trust that staff have in using digital tools. Because of this, Kawalec says a new role may be required to manage these elements of cybersecurity and ensure that attacks do not have long-lasting negative implications.

“I wonder whether you could see, alongside the chief digital officer, a trust officer,” he said.

The growing importance of the CISO

Kawalec believes the importance of the CISO is gaining greater recognition at the c-suite level. “In three years, the role of the CISO will be mainstream,” he said. “They will sit and have much greater influence across the organisation.”

It is possible to see this growth happening even now, added Dr Marc Hofmann, CISO at Finnish bank Nordea. “The board is already trying to get confident on the topic of security, and I think that’s the point.” Dr Hofmann said. “I am talking to the board [at Nordea] on a monthly basis, just for security topics. I see this across all the larger organisations,” he said. 

Content from our partners
How to turn the evidence hackers leave behind against them
Why food manufacturers must pursue greater visibility and agility
How to define an empowered chief data officer

The Covid-19 pandemic has helped escalate the importance of security to companies, added Kawalec. He said hybrid working and the challenges this presents have meant security has risen on the agenda for business leaders. “A huge advantage has come through Covid and the move to a much more open, yet controlled, hybrid model [of working],” he explained. “It’s been a real starting gun for how we develop [security] controls.”

Read more: Cyberattacks are the biggest risk to the UK financial system

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU