As the world becomes more interconnected and dependent on information technology, security is a persistent concern that must be addressed not just with eternal vigilance, but with new approaches, tools, and leadership. Many forward-thinking enterprises are addressing leadership by naming a CISO — Chief Information Security Officer.
IBM has just completed an assessment of CISOs and other executives charged with protecting vital information assets to find out how they’re protecting the enterprise and what’s on their minds as they look to the future. They indicate clearly that security is commanding the attention of the leadership team, and they’re seeing spending on security increase to meet the challenge.
IBM’s Center for Applied Insights, which gathered and analyzed the assessment data and wrote the report, found that information security leaders could be clustered into one of three broad groups: Influencers, Protectors, and Responders.
The Influencers see their security organizations as progressive, ranking themselves highly in both maturity and preparedness. These security leaders have both business influence and authority – and are becoming a strategic voice in the enterprise.
With explosive growth in connectivity and collaboration, information security is becoming increasingly complex and difficult to manage. Yet, some security organizations are rising to the challenge. Our research reveals a distinct pattern of progression – and distinguishing traits of those that are most confident and capable.
These forward-thinkers are taking a more proactive, integrated and strategic approach to security, highlighting models worth emulating and the emerging business leadership role of the Chief Information Security Officer (CISO).
To download a copy of the 2012 Chief Information Security Officer Assessment report, visit the Security and Resilience website on ibm.com.