CISOs and COOs need to improve their relationships!

DarkReading.com reported that “Digital transformation has made cybersecurity preparation part of operational resilience for most organizations. This calls for a new relationship between CISOs and COOs.”  The December 12, 2025 article entitled " The CISO-COO Partnership: Protecting Operational Excellence” (https://www.darkreading.com/cybersecurity-operations/the-ciso-coo-partnership-protecting-operational-excellence) included these comments:

At first glance, the chief information security officer (CISO) and chief operating officer (COO) appear to operate in fundamentally different worlds — perhaps even at odds with one another. While the CISO is preoccupied with threat vectors, vulnerabilities, and intrusions, the COO obsesses over margins, uptime, and efficiency. 

However, the digitally transformed enterprise demands CISOs and COOs build strong, intentional partnerships — not because security leaders suddenly care about cost per transaction or supply chain process optimization, but because downtime from cyberattacks has become an existential operational risk that every COO must actively manage. Modern operations are entirely digital, and operational excellence is inseparable from cybersecurity resilience. 

"CISOs should treat the COO relationship as a top-tier relationship alongside the CEO/CFO because operations disruption is often the business's biggest practical risk," says David Elfering, director of security at transportation company Carrix. 

Cyber-resilience represents an organization's ability to prepare for, respond to, and recover from cyber threats while maintaining business operations throughout the incident life cycle. This doesn't merely cover the recovery after an attack; it's the ability to function continuously, even while under active threat. 

Sounds like good advice!