Do you need a CISO? Maybe. You at least need a security owner.

Author: Blane Erwin