A Chief Information Security Officer (CISO) is responsible and accountable for securing the company’s data and technical assets. A CISO creates and owns the information security strategy with the objective to protect the confidentiality, integrity, and availability of data. CISOs are charged with creating an information security strategy as well as the development and management of the organization’s security programs. A CISO’s duties also include conducting security risk assessments and implementing controls necessary to mitigate identified risks across the enterprise. CISOs also ensure that the organization is compliant with regulatory and contractual requirements.