The Chief Information Security Officer (CISO) is a senior executive within a company who's primary duty is to protect the organization's data and systems from cyber-attacks. A CISO should have a thorough knowledge of the company's information security structure, policies, and procedures, and the weaknesses and capabilities of the organization's IT (IT) infrastructure. A CISO is accountable for managing and leading the organization's security operations. This includes incident response and recovery.