For a financial services firm with many different business lines all around the world, it is impossible for a centralized information security department to understand all evolving risks and threats at a deep enough level to both protect and enable the entire business on a continuous basis. The role of the Business Information Security Officer (BISO) is to build a bridge between the specific needs and associated risks of the business and the enterprise information security department with its holistic view of the organization’s cyber posture and program. The exact role of the BISO will vary, but in effect they act as a “mini-CISO,” presenting to local boards, building relationships, representing the organization externally, and bringing cyber expertise to business strategy. The BISO model helps us differentiate our cyber program in the marketplace, which is increasingly a competitive advantage to the business.
Insurance products and plan administrative services provided through Principal Life Insurance Co., a member of the Principal Financial Group®, Des Moines, IA 50392. Principal Global Investors leads global asset management and is a member of the Principal Financial Group®. 1236257-072020
© 2021 FS-ISAC, Inc. All rights reserved.