Security leadership and value is being tied directly to business unit and organizational goals as the best measure of its contribution. So directly tied, that business unit leaders are paying for risk management and security as a direct service versus an allocation. Further, these internal customers view security as a consultancy, and they are routinely seeking their advice to understand and manage risks enabling them to reach their objectives. The transparency of this relationship allows the business unit to identify security’s value to achieving their goals, resulting in increased reliance, use and spending with security.
As organizations from businesses to hospitals and universities have become single, global entities, the recognition that security should also be a global enterprise with a consistent mission and leadership has evolved at the C-Suite level. A significant trend is the creation of “first” global security organizations led by “first” CSOs at major companies, including SAS Institute and ADP.