There are many debates as to where the information and information systems security (InfoSec), now generally referred to as cyber security, and the information systems security officer (ISSO), now commonly referred to as the cyber security officer, position fit in a company or government entity. Some believe they belong in the information technology (IT) department, others say they belong in the security department. Others believe the position should report to the corporate executive officer (CEO), corporate information officer (CIO), or some level of executive management other than the two mentioned.

The IT people may want control of the cyber security function so that they can ensure ...