Ten years ago it was unlikely that most companies had a designation called Chief Information Security Officer (CISO). Security was a least understood, under budgeted item in the corporate ecosystem. The chief threat was rogue viruses spreading through floppy disks which caused funny things to happen on computer screens and corrupt files. Hackers who created these viruses were regarded more as a nuisance that anything else.
In the years that followed, with the exponential growth of the Internet, externalization of corporate networks to customers, partners and suppliers and negative customer sentiment from security breaches; there was a rapid rise in financially motivated hackers, increased regulation and establishment of internationally accepted security standards. Security moved from being solely Information Technology Security or the IT department’s responsibility to Information Security, a corporate role in the overall organizational governance. This shift saw the emergence of the CISO.
Security is now shifting beyond simple compliance into the heart of business transformation using cloud and mobile computing. Conventional challenges are replaced by more insidious threats such as cyber protests, corporate espionage, whistleblowers, mutating targeted malware and customer security.
To adapt CISOs need to master five new skills; Business Acumen, Technology Understanding; Negotiation; Customer Advocacy and Cost/Implementation Focus. Read the full article on Search Security titled 5 CISO Skills for the Emerging Business Environment
No comments:
Post a Comment