I doubt it would be of any use. Most companies underfinance IT and security, while CISO just writes “rules” on how things should be, instead of overseeing actual hardening.
CEOs on the other hand being financially or criminally responsible, may lead to something.
At least the EU NIS2 directive has the right idea about it
I doubt it would be of any use. Most companies underfinance IT and security, while CISO just writes “rules” on how things should be, instead of overseeing actual hardening.
CEOs on the other hand being financially or criminally responsible, may lead to something.
At least the EU NIS2 directive has the right idea about it