To maintain their growing stature and evolving role, CSOs/CISOs “must scale their mandate in the face of increasingly accelerated disruptive technological changes” from AI and cloud transformations, greater customer trust expectations, and a threat landscape that continues to intensify, SAP’s Lange says.

Adapting to the velocity of change and providing a consistent defensible risk posture “necessitates the adoption of measurable, verifiable central controls frameworks as a bedrock of security agility,’’ he adds.

With security now a foundational component of business operations, it is incumbent upon CSOs and CISOs to understand why the business is doing what it’s doing, and what the priorities are, and align technology with those priorities, says Jason Loomis, CISO of cloud SaaS provider Freshworks.

This will potentially position them for other C-level roles, he believes.

“The experience most CISOs come with is having all the responsibility and none of that authority, and yet, they have to affect change in organizations, all while being advanced technologists that keep up with emerging trends,’’ Loomis says. “All these traits make the CISO a ripe candidate for other C-level roles.”