Information security and risk management responsibilities are continuing to be combined into the role of CSOs and CISOs — and this combining of responsibilities also comes with an increase in spending on security/risk management initiatives. This information comes from a recent Wisegate study, which found not only what security executives
The motivating factors driving increased risk management responsibilities for information security executives at organizations vary. When asked to cite their two primary drivers, the majority of survey respondents, 73 percent, said that general compliance requirements were one of the main reasons for the convergence, followed by the general threat landscape at 53 percent. Thirty-three percent said that their companies were doing it because it was the “right thing to do,” 26 percent reported experiencing a “recent security close call without external reporting requirements” as a primary driver and 20 percent said they were making the move due to a “recent security incident requiring external notification.
“ Privacy and compliance is a growing factor in the success of the enterprise, and with that increased importance comes a focus on the security executive and sound IT practices. The message is clear: cyber security and data protection will become a primary focus in any business, so be ready to enable that role and responsibility.