The Chief Information Security Officer (CISO), or Security Leader may be new to some organizations, however the role has been emerging for almost 3 decades. The scope has changed, as well as where the CISO should report, though this still differs among organizations. This session will explore the 6 stages of evolution and guidance for determining where the security leader should report in 2025.