Most Effective CISOs Have Business Background, Says IBM Security Leader

Don't feel insecure about your lack of a heavy technical background, CISOs, because the most successful CISOs are those with a business background, said Kris Lovejoy, general manager of IBM Security Services, at an IBM security leadership forum Wednesday.
Lovejoy provided a preview of research IBM conducted about the state of the CISO; the full report will be released next month. Among the findings: Most CISOs report into IT (and the CIO) "because that's where the money is," while others are reporting to their CEO, chief operating officer, or chief administrative officer.
The reporting structure is one of the reasons that CISOs coming from the business side are more effective, says Lovejoy, because "they know how to manipulate the system" and get things done despite the challenges of organizational politics or bureaucracy.