The next generation of security leaders will be challenged in ways previous generations have not. They will be asked to manage and monitor more risks and to identify and address new risks, including those created by drastic shifts in business operation and philosophy. They will have to do this more quickly, with fewer resources in many cases, and they will be expected to think and strategize at a board of director’s level.
Business continues to change, and if the next generation of security leaders hopes to succeed, they must be prepared to change with it, says Dick Lefler, former VP & CSO of American Express and current Chairman and Dean of Emeritus Faculty for the Security Executive Council. This will require, among other things, a much more active pursuit of alignment with the organization’s structure, goals and strategies.
Security leadership and value is being tied directly to business unit and organizational goals as the best measure of its contribution. So directly tied, that business unit leaders are paying for risk management and security as a direct service versus an allocation. Further, these internal customers view security as a consultancy, and they are routinely seeking their advice to understand and manage risks enabling them to reach their objectives. The transparency of this relationship allows the business unit to identify security’s value to achieving their goals, resulting in increased reliance, use and spending with security.
The Security 500 tracks 19 vertical markets and collects unique data where appropriate (such as patients in healthcare) and applies this data to key metrics.
The tech sector is doing well for the most part, as demand remains relatively strong for IT hardware, software and services. But there remains concern over economic conditions.