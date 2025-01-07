For chief information security officers (CISOs) still looking to set some professional goals for the New Year, or to expand on a list they’ve already compiled, consider strengthening the relationship with your organisation’s legal function.

You may well have already spent a great deal of time building bridges with company lawyers. After all, it’s now a significant aspect of the modern CISO role, according to the 2024 Global CISO Organisation and Compensation Survey from executive recruitment firm Heidrick & Struggles, a poll of over 400 CISOs worldwide.

When asked which functions they spend most time working and consulting with, the top two responses offered by respondents involved other IT professionals, with network, cloud and engineering groups in first place, and software development and product development/engineering in second place. In third place was legal, compliance and risk – way ahead of finance, HR or the board of directors.

In 2025, the links between cyber security and legal teams need to be closer than ever, because around the world, the IT security function – and the people who lead it – are increasingly the target of new regulations and sharp government scrutiny.