Key Article Highlights

  • Commvault and TIME Magazine have launched the inaugural TIME CISO of the Year recognition program, announced at the opening of RSA Conference 2026.
  • The award recognizes senior security leaders who are advancing resilience operations (ResOps) as the standard for modern enterprise security — unifying people, processes, and technology in a continuous, integrated operational discipline.
  • The partnership elevates the CISO role to mainstream business leadership visibility, coinciding with TIME’s inaugural Executives of the Year tech and data list, where the CISO of the Year will be added as the 51st honoree.
  • Nominations are open March 23 through June 20, 2026. Any senior security leader — including those without the formal CISO title — is eligible. Self-nominations are accepted. Visit Commvault to submit.
  • Top 20 finalists will be announced in July 2026; the winner will be revealed in September 2026, with a TIME Awards dinner in October.
  • The award reflects a fundamental shift in the CISO role — from technical defender to strategic business leader responsible for organizational resilience, business continuity, and AI-era security posture.
  • Gartner projects that by 2028, 50% of CISO programs will be rebranded from cybersecurity programs to cyber resiliency programs — a recognition that prevention alone is no longer sufficient.

The CISO Gets a Spotlight: Commvault and TIME Launch Inaugural CISO of the Year Award

The security industry has spent decades debating the future of the CISO role. With the launch of the inaugural TIME CISO of the Year recognition program — announced jointly by Commvault and TIME Magazine at RSA Conference 2026 — that debate is being elevated to a global audience. And it couldn’t come at a more consequential moment.

I sat down with Commvault CMO Anna Griffin to dig into the partnership, the criteria, and what this recognition signals about where enterprise security leadership is headed.

Watch the full interview here:

From Technical Defender to Strategic Imperative

The impetus for this program, Griffin explained, is straightforward: the CISO role has fundamentally transformed, and that transformation deserves recognition at scale.

“The cybersecurity playbook for decades was pretty straightforward,” Griffin told me. “You build the wall higher, you invest in defense, you keep the adversaries out. That work remains essential. But prevention does not lose its importance — it has to gain a new partner.” That partner is recovery. And the organizations getting this right are treating defense and recovery not as opposing priorities, but as complementary, interconnected capabilities tied directly to business outcomes.

This is the operating philosophy behind what Commvault calls ResOps — resilience operations — and it’s the lens through which the CISO of the Year award was designed. ResOps is an operational discipline that unifies security and IT teams, people, processes, and technology into a continuous, real-time mechanism for detection, response, and recovery. It’s not a checklist. It’s not a tabletop exercise that gets filed away. It’s a practice — and the companies doing it well never let the business go down.

Why TIME, and Why Now

TIME Magazine’s involvement is deliberate and significant. TIME’s CEO Mark Howard called it “an important moment to shine a light on security leaders who are protecting organizations for a more resilient future.” That editorial alignment isn’t just marketing language; it reflects a genuine shift in how business media understands the CISO’s place in the enterprise.

The CISO of the Year honoree will be designated the 51st person on TIME’s inaugural Executives of the Year tech and data list — positioned alongside the broadest tier of technology leadership. That’s not a footnote. That’s a statement.

Commvault’s CFO Bill O’Connell put it plainly in the program announcement: “The role of the CISO has evolved into one of the most consequential leadership positions in the enterprise.” As someone who’s spent years covering enterprise security with deep expertise in marketing brand strategy, I’ll tell you — that’s not marketing language. That’s an accurate read of where the role has arrived.

The CISO of 2026 Looks Different

Today’s CISO is not just a technical defender. They’re a business strategist, an organizational unifier, and increasingly, an enabler of innovation — including AI adoption. They sit at the intersection of the CIO, the CFO, and the board, where resilience has become a board-level conversation. Gartner projects that by 2028, 50% of all CISO programs will be rebranded from cybersecurity programs to cyber resiliency programs. The trajectory is clear.

What makes this award timely is that it’s framed around business outcomes, not breach counts, not tooling portfolios. The strongest nominations will demonstrate a fundamentally more integrated and resilient security posture: teams that have trained together, processes that work cross-functionally, and an organizational culture where resiliency isn’t an IT initiative, it’s a business imperative.

Who Should Be Nominated — and How

The program is open to senior-level security leaders — CISO-level roles — though Commvault recognizes that the function is structured differently across organizations. You don’t need the exact title. You do need to demonstrate the kind of ResOps principles that reflect operational maturity: aligned people and processes, visibility and observability, continuous detection and micro-recovery capabilities, and a clear line from security practice to business outcomes.

Nominees can be submitted by peers, colleagues, partners, or themselves. Every entry will receive a phone interview with industry luminaries and customer advisors. From there, finalists will be invited to exclusive CISO roundtable dinners in London, New York, San Francisco, and Singapore, as well as networking at the FIFA World Cup. The process closes June 20, 2026, with the top 20 finalists announced in July, and the winner revealed by TIME in September at a dedicated awards dinner in October.

To submit a nomination, visit Commvault here.

What This Award Is Really Saying

At its core, the TIME CISO of the Year program is making a cultural bet — that the security leader of the AI era deserves the same mainstream recognition as any other consequential business executive. And that the criteria for what constitutes great security leadership have changed.

“The people who are going to create real change and readiness are going to break the playbook,” Griffin said, “and have the courage to build something new.” Courage. Boldness. Fellowship. That’s the profile this award is designed to celebrate.

If you know a security leader who embodies that, nominate them. The industry is watching, and so is TIME.

 

This article was originally published on LinkedIn.

 

Read more of my coverage:

Why S3 Data Protection Is Now a Business Resilience Imperative

Unlocking the Hidden Value: How Commvault’s Data Rooms Transform Backup Data into AI Assets