The survey was conducted in Asia Pacific, North America, Europe, Japan, Brazil, South Africa and the Middle East. There were 154 responses from North America, 114 from Europe, 118 in APAC including 18 responses from Australian executives, 10 responses from Brazil, eight from South Africa and six responses from the Middle East.
In response, IDC Australia senior market analyst Vern Hue told CIO Australia that the firm doesn't have a view that there will an "immediate new role" of a DRO established.
However, he said that there is a shift in how the chief information security officer (CISO) and chief security officer (CSO) roles are evolving to take on a more active role in cyber risk -- both in terms of outlining frameworks and mitigation.
"Currently, most CISOs and CSOs also wear that hat particularly with the mitigation part of it, and that portion usually sits under the IT umbrella. But with more impending legislation in play, the risk framework is increasingly becoming more important and that will require a different mind and skillset that would deal primarily with the legal and operations teams," he said.
"What Gartner describes as the DRO will have to deal with simplifying procedural issues, as currently, most processes in today's corporations are cumbersome and involve too many manual processes."
Sign up for CIO Asia eNewsletters.