As we’ve mentioned before, few senior leaders are as embattled as the CISO. No longer confined to “blocking and tackling” threats, today’s CISO needs to be a business enabler, data steward, risk strategist, and communicator-in-chief. With so much on one plate, it’s no wonder that the modern CISO is experiencing an identity crisis.
At our recent Security Insight Summit, our audience heard from leaders on the evolving role of the CISO, aligning security with the business, and the importance of steady leadership in chaotic times. Here are some of the key takeaways from those discussions.
Pulled in Every Direction
These days the responsibilities piled upon CISOs often extend beyond pure security. With the role now encompassing areas like privacy, data governance, risk mitigation, and incident handling, CISOs are asking: are we truly the “chief of anything?”
Unfortunately, new responsibilities do nothing to diminish the mounting security threats that need addressing. To add to that, even though CISOs are already stretched thin, there is still an expectation that security actively contributes to business enablement.
What does enabling the business look like? Is it reducing friction? Is it finding cost-savings in tight budgets? Whatever it looks like for your organization, it’s just another thing vying for headspace in the mind of a modern CISO.
Communication Chaos
The modern CISO operates within a complex ecosystem of stakeholders. As Richard Balducci pointed out in his keynote:

Successfully navigating these interactions requires the ability to adjust your approach based on the specific situation. For instance, if you’re implementing a new password policy, it might be best to approach with a supportive and patient touch. If you’re speaking to the board about your budget, suddenly it’s about “speaking the language of business.”
If they want a seat at the table, modern CISOs need to master this adaptive approach to leadership. When every interaction needs to be prefaced with a battery of questions, check out this handy CISO Stakeholder Decoder:
- Who am I speaking to?
- What’s their understanding of cybersecurity?
- Do they need support or cold, hard reason?
- Language of business or a more human touch?
A modern CISO needs to be just as adept at communication as they are with technology.
Aligning With Your Business
We asked the community at our most recent Security Insight Summit what their biggest challenge was when it came to positioning cybersecurity as a business strategy:

There is no single barrier impeding CISOs, but rather, a tangle of competing priorities. That said, balancing security investment with growth and shifting to a more proactive security approach both reflect the contradiction at the heart of being a modern CISO—do more with less. Be more proactive but don’t spend too much. Prioritize business growth but keep everything secure.
Is there a way to address this contradiction?
Can AI Help?
While it’s certainly not a miracle cure, AI presents a significant opportunity for CISOs to evolve from simply preventing threats to becoming true business partners.
CISOs are uniquely positioned to lead on AI initiatives. They have the opportunity to steer the business in the right direction by implementing a robust data governance framework before widespread implementation. By working closely with business leaders to understand their challenges, CISOs can identify areas where AI can solve tangible business problems.
But the potential benefit for CISOs doesn’t stop there. According to Darktrace’s State of AI research report, 95% of cybersecurity professionals believe that AI-powered solutions will level up their organizations’ defenses, enabling them to better meet increasingly sophisticated threats.
Some CISOs had seen success by forming AI innovation groups. These groups gave CISOs the opportunity to sit down with business leaders, aware that AI is already being used, and to use the group as a forum to help them uncover opportunities to improve and innovate securely.
By championing the AI initiatives that directly address business needs, CISOs can strengthen their position as strategic advisors within the organization.
Being a Modern CISO
As the expectations placed on security leaders continue to expand, so too must their adaptability.
Success as a modern CISO doesn’t come from doing everything; it comes from knowing what matters most, aligning with the business, and empowering others to make secure decisions. Today’s CISOs must lead not just from a place of technical expertise, but from a deep understanding of business value.
The question isn’t whether the role is changing; it is. It’s whether we’re ready to let CISOs fully embrace what it means to be a Chief.
For more insights on the future of cybersecurity and to join the conversations shaping it, check out our upcoming Security Insight Summits.