Time to be world class!

Any Corporation should demote the CIO to a Senior Director given the tasks are very much changed. New C-suite positions are needed. The CISO is more critical to operations now. Thus, the CISO position should not need an MBA instead have education in threat intelligence and incident response. An advanced degree means nothing to hackers and APTs. Even NIST revising their CSF to add governance without any evidence or proof that changing the Incident Response process shows how disconnected policy people are from the trenches!!! My background is much different than so many, “old school” through to “now school”. Yes. “Now” is much different than new. I consult in the Federal Government space.