Thursday, December 01, 2005

Infosec takes business approach

Increasingly, corporate security goals aren't about information security but about information assurance, which deals with issues like data availability and integrity.

Regulatory compliance issues and concern over data compromises have brought information security issues to the forefront in corporate boardrooms, according to a panel of I.T. security managers at the Computer Security Institute.

That trend is forcing security managers to adopt a more business-oriented approach to creating security strategies. Selling management on the need for information security has become easier for I.T. managers because of privacy threats, data piracy and other issues, said Terri Curran, director of information security at Framingham, Mass.-based Bose Corp. "In a sense, the road has been paved more for us. Management knows they've got to have security."

Looking ahead, the team predicted that CISOs will have two distinct career paths: a technology-focused position that reports to the CIO, and a business-focused role that works with chief risk officers.

CATEGORIES: 1risk management, 1panel, 1trends, 1rosi, 1compliance
Rate this post: (Provided by NewsGator)


Post a Comment

Links to this post:

Create a Link

<< Home