How Do You Pronounce CISO?

Published on 15th July 2020 Author: Rob Black

One of my clients pronounces it SIS-so.

Another one spells out C-I-S-O.

That got me thinking: why do I pronounce CISO, SEE-so?

But before I answer that question, what exactly is a CISO and how can it benefit your organization?

What Is a CISO?

A Chief Information Security Officer (CISO) is a business leader focused on cybersecurity risk reduction. The CISO is responsible for an organization’s cybersecurity programs and policies. CISOs fulfill key roles in businesses. They are busy making sure that a company is well-protected. CISOs will maintain a strategy and vision for data security. They will establish policies and enforce them. They will work with vendors and suppliers. CISOs will focus on securing one of the most valuable assets most businesses have, their internal data.

Does Everyone Have One?

According to ISAACA’s 2017 State of Cybersecurity report, 65% of businesses now include the CISO position. How do the other 35% of organizations maintain and implement their data security strategy? Who establishes their data security policies? Who works with vendors and suppliers to reduce third-party security risks?

Our clients use in-house personnel for technical implementation but rely on our firm to provide the expert security guidance and assist with risk assessments, programs, policy and other cybersecurity advice. When speaking with other firms, there are definitely many who could benefit from a more structured approach to cybersecurity.

And Finally: How to Pronounce CISO

Text from our 2017 post:

If you googled “how to pronounce CISO,” you most likely didn’t get a clear answer. Microsoft Business did a poll on Twitter (displayed below) for one of the only statistical views into the “right” answer. Sure, it’s not a peer-reviewed article, so there is no need to treat the results as gospel. And yet, I was pleasantly surprised to see that more than half of those who answered pronounced it as I do: SEE-so.

We did a LinkedIn poll in June 2020. Here are the results:

It seems that the industry is converging on SEE-so. Note that respondents are heavily centered on the East Coast of the US. Other regions might have different pronunciation preferences. In Australia, for instance they pronounce it SIZE-o.

There is no “correct” pronunciation for CISO. “SEE-so” might be the most popular, but there are quite a few other valid choices. What actually matters is having one around to materially improve your cybersecurity posture. You can worry about how to pronounce CISO after your cybersecurity practices are in-line with your organization’s risk tolerance.

Improve Your Cybersecurity Posture

One challenge many organizations face is that they can’t afford to add a full-time CISO to the payroll. But they still have many needs to mitigate cybersecurity risk. We, at Fractional CISO, understand this perfectly. Which is why we act as your outsourced CISO.

To receive more great cybersecurity content for business leaders, sign up for our monthly newsletter: https://fractionalciso.com/newsletter/

And we don’t care how you pronounce CISO!

Rob Black, CISSP

Rob founded Fractional CISO in 2017 and has helped dozens of companies improve their security posture as a vCISO. He consults, speaks, and writes on IoT and security. Rob has held product security and corporate security leadership positions at PTC ThingWorx, Axeda and RSA Security. He received his MBA from the Kellogg School of Management and holds two Bachelor of Science degrees from Washington University in St. Louis in Computer Science and System Science and Engineering. He is also a Certified Information Systems Security Professional (CISSP).