Everywhere I go, security is a top issue. In every interview, when I ask for the top five concerns, invariably security comes up. Plus, in surveys of IT managers, it’s a consistent hot item. So what does it take to be a good CISO (Chief Information Security Officer)? Where should you be heading in your security plans? I found this article hits the bull’s-eye and it’s worth a quick scan. I have taken some excerpts and included an interview, both of which answer these questions and give you roadmaps for your security plans.
In the piece, Gartner projects 65% of the largest companies will have a CISO. The role has changed “dramatically from a [sentry] role to being a business [enabler]…have business process defined…identity management processes defined...internal processes defined…diplomacy skills—the ability to partner with business units—very strong project management skills…business managers who are enabling business in a secure way versus those focused on security only.” The article goes on to say that the successful CISO has to manage traditional outside threats and securely: expand the company’s perimeter, allow customers/partners to collaborate, and ensure employees are working securely and meeting regulatory compliance.
These views are in line with an audio interview I just finished with Rosaleen Citron, CEO of WhiteHat Inc., a top security firm. She also provides some good tips on security. Rushed for time? Then use the time index to move to the topics you are interested in.
If you have thoughts on this changing role in your company or effective security tips, we would like to hear them…