CISOs adding risk management to their expanding portfolio

The CISO’s role is shifting from IT security administrator, babysitting firewalls and cleaning malware from infected systems, to holistic risk management – from firefighting to anticipating fires before they start, according to the new Wisegate report.

According to a poll conducted during a Wisegate member discussion, nearly all of the participants had dual responsibilities.

Leaders of forward-thinking organizations understand the need for more pervasive risk awareness – and are far more focused on enterprise-wide education, collaboration, and communications. The new breed of CISOs is taking systemic approaches to security issues that span legal, business operations, finance, and human resources, the report found.

As part of this shift in CISO responsibilities, organizations are spending more on risk management. A recent Wisegate poll asked members, “Can you please comment on whether you see spending on security/risk management initiatives trending in parallel to your overall IT spend, or is there more/less focus on funding security/risk management initiatives when compared to overall IT spend?”

While 60% of Wisegate members said they expected no change, a full 40% said they expected increased spending on security/risk management, with no members expecting a decline in spending in that area.

The Wisegate report dovetails with other surveys that have found similar trends. For instance, a recent IBM survey found that CISOs are increasingly becoming influencers and protectors, as well as responders, within their organizations.
 
