Tony Jarjoura is CFO of Gigamon.
The roles of chief financial officers and chief information security officers are converging in ways we haven’t seen before. These positions were once siloed, but they now share joint ownership over modern risk demands. Historically, CFOs focused on financial oversight and CISOs on protecting systems and data; today they are united by a common concern: risk. They simply approach it from different angles.
This is no longer about occasional collaboration. CFOs and CISOs have become strategic allies, forming a core partnership that ensures companies remain secure, agile, resilient and financially sound in the age of rapid digital transformation.
Long gone are the days when CFOs were transactional players, primarily tasked with approving security budgets or analyzing cost-benefit equations. Over the past decade, the role has shifted to supporting and securing digital transformation itself, and few technologies have amplified that shift more than AI.
With AI redefining enterprise risk at breakneck speed, CFOs and CISOs must now lock arms to address challenges ranging from cyberattacks to market volatility to growing board scrutiny.
The Universal Language Is ‘Risk’
If there’s one word that bridges the CFO and CISO disciplines, it’s risk. Both leaders are driven by it, measured against it and judged on how effectively they mitigate it. From financial risk to reputational fallout to the ever-present threat of cyber risk, the costs are steep and the visibility is high throughout the organization.
Boards understand this, too. Security is no longer treated as a purely technical conversation. It’s mission-critical. And when boards look for answers, they’re turning to CFOs and CISOs together. They want to know how risks are managed, how resources are prioritized and whether protection is balanced with growth.
This shared lens is redefining accountability. When security incidents occur, they aren’t isolated IT issues. They reverberate through balance sheets, investor confidence and customer trust. That’s why the CFO and CISO relationship is so crucial.
Security Spending Through A Financial Lens
CFOs play a critical role in helping CISOs translate the value of security investments into financial and strategic terms. CISOs may excel at assessing threats and evaluating tools, but they don’t always frame those decisions in terms of capital allocation or long-term value creation. This is where the CFO’s expertise can help make the right decision for the entire organization.
The pressure to justify every dollar spent has never been higher. CFOs bring discipline to ensure security investments align with long-term business value, compliance obligations and regulatory expectations. Without that financial framing, organizations risk underfunding or misallocating critical defenses.
Consider the ongoing confusion around who owns the security budget. A Gigamon survey shows that while 52% of CISOs believe they control it, only 8% of other C-suite peers agree. That disconnect highlights not just a budgeting issue, but a lack of partnership and communication. It’s a gap that CFO-CISO alignment can bridge.
This clarity becomes even more essential in the age of AI. The rush to adopt AI tools has created decentralized and fragmented risk. Individual business units are adopting tools independently, often without a cohesive security or governance model. Agentic AI systems, open-source models and unsecured endpoints are exponentially expanding the attack surface. CFO-CISO alignment ensures centralized oversight, balancing financial governance with risk governance to prevent AI investments from becoming existential vulnerabilities.
AI is perhaps the most formidable innovation we’ve faced. Its architecture is often open, its pace of adjustments is daunting and its potential for misuse is unprecedented. In this environment, CFO and CISO alignment is fundamental to long-term success.
How To Build A Stronger CFO-CISO Partnership
To thrive in this new era, CFOs and CISOs must actively cultivate their partnership. That means:
1. Shift conversations from transactional to strategic.
The days of CFOs simply approving/denying budget requests are over. Discussions must evolve from cost controls to high-level strategy. Instead of evaluating one-off purchases, the CFO and CISO should align on a roadmap for AI investments. A centralized, secure approach to AI investment can maximize ROI while ensuring compliance, far more effectively than siloed departmental purchases.
For example, I meet with our chief security officer weekly, which is a big change from how we operated 10 years ago. I’ve found that removing autonomy and encouraging collaboration helps us achieve our goals not only as teams but also as an organization.
2. Get comfortable being uncomfortable.
Strong partnerships thrive on candor. CFOs and CISOs should be asking the tough “what if” questions: “What if we’re not covered? What if there is a data breach? What if this scenario unfolds?” These questions, though uncomfortable, foster trust, resilience and foresight. Having these conversations privately prepares leaders for public scrutiny when incidents inevitably arise.
3. Create cross-functional visibility.
A strong partnership shouldn’t exist only at the executive level. Transparency and collaboration must extend across the organization. Operational staff are often the first to notice anomalies.
Consider a junior finance team member spotting a suspicious email requesting a wire transfer from the CEO. By flagging it and having IT step in, a phishing attempt can be stopped before it escalates into a full-blown crisis. This underscores why vigilance must be modeled at the top, yet practiced across all levels.
My finance team routinely works closely with our security and IT teams, and we foster that collaboration at every level. I’ve found that we can achieve goals through closer collaboration, tool consolidation and team empowerment. And above all, this constant interaction helps us to be much more proactive versus reactive. We can anticipate problems and solutions better together.
From Risk To Resilience
The pressures on organizations are immense and competing—cloud complexity, regulatory scrutiny, AI disruption and market volatility. To navigate them, companies need leaders who can unify financial and security perspectives into a cohesive strategy.
That’s why the CFO-CISO relationship is foundational to resilience and growth in the age of AI. By aligning on risk, translating investments into business value and modeling cross-functional collaboration, CFOs and CISOs can lead their organizations through one of the most disruptive periods in modern history and come out stronger on the other side.
Forbes Finance Council is an invitation-only organization for executives in successful accounting, financial planning and wealth management firms.
