The relationship between Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) can be complex; while the former are tasked with ensuring the security of an organization’s information assets, the latter have more diverse and often conflicting sets of priorities. This can result in a tension between the two roles that has the potential for either a dysfunctional dynamic or one that can result in optimal solutions to difficult problems.

Please join us for a panel session with representatives from both roles who will discuss and attempt to answer such questions as: Should a CISO always disclose everything they know to their CIO, even if they are bound by external information sharing agreements? What are the possible short and long term consequences of disclosure, or failure to disclose? Does it still makes sense for CISOs to report into the IT branch of an organization? Did it ever?

Note: There will be no slides provided for this session.


Brian Mackay

Associate Vice-President, Technology and Chief Information Officer, Douglas College


Dave Kubert

IT Security Officer, University of Northern British Columbia


Hugh Burley

Director Information Security/Information Security Officer, Thompson Rivers University/BCNET


Mark Roman

Chief Information Officer, Simon Fraser University


Wency Lum

Chief Information Officer, University of Victoria