Monday | 6 July, 2009
CSO
CSOs need to keep evolving, CA security exec says
CA executive urges CSOs at RSA Conference to strategize and make themselves heard
Network World staff (Network World) 14/04/2008 08:18:40
Page:

The CSO has an important role to play. In an Enterprise IT Management environment, the CSO is not simply an enforcer of polices and procedures, but rather a key architect in designing an IT environment that will take an organization to the next level of business success.

Let me explain a bit more on what I mean. IT organizations used to be viewed as tactical necessities and cost centers. Poorly managed ones still are. By contrast, a sound IT organization functions as a strategic line of business and a core contributor to corporate success.

The CSO's role is elevated. To ensure that level of success, it is not enough to reduce risk and cost or to improve service; IT must be managed as a business and must coordinate with the lines of business. It must incorporate disciplined budget and capital-allocation processes, it must align the portfolio of projects with strategic corporate needs, and it must strive to provide business services that are ever more cost-effective.

At each step, IT processes must be secured. In this vision security is never an after-thought; it is part of the essential DNA of the IT environment.

I showed you a film earlier. It was supposed to be funny. But it was also intended to make a point. If you're a CIO and you don't know where your Chief Security Officer sits, you're probably missing a critical component in your strategic planning.

And if you're a CSO you need to ensure that:

1. You are serving as a security strategist in the organization. Don't allow yourself to be consumed by the day-to-day tactical demands of the job. Build a strong team so that you can deliver value to the C-suite.

2. Increase your visibility within the organization.

3. Achieve items one and two by communicating. If security is to become part of the fabric of the organization, your voice must be heard on a wide variety of issues at critical phases in the business strategy process.

An effective enterprise simply cannot exist unless governance, management and security are at the core.

In short, there should be no mystery about where the Chief Security Officer is -- because the CSO will have a seat at the table whenever strategic decisions are made.

To view a video of the address, go here.

Page:
More about Provision, Mojo, CA, HP, Billion, ProVision, Paradigm, Leader, PLUS, RSA, ACT, Evolve, Bill, Microsoft, Mastercard, Hewlett-Packard, Leader Computers

Comments

Post new comment

Login or register to link comments to your user profile, or you may also post a comment without being logged in.
The content of this field is kept private and will not be shown publicly.
Enter the fully qualified URL, eg. http://www.example.com/
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Add to Google
Additional Resources
Newsletter Subscription
Sign up for our CSO Online newsletters!
RSS Feeds
Syndicate content
 
Get a job Careerone
Whitepaper


Read Whitepaper

Reducing the risk of insider abuse

The potential for insider abuse can never be eliminated completely, but the steps outlined in this white paper can reduce the potential for such abuse. Read on to ensure no one person can alter your operations to their personal advantage or to the detriment of your organisation.

Sponsored Links