TechTaffy

tech:

taffy

IBM Study Reveals Shifting Chief Information Security Executives Roles

By TechTaffy Desk

 

[Techtaffy Newsdesk]

 A new IBM study reveals an evolution in information security organizations and their leaders; with 25 percent of security chiefs surveyed shifting from a technology focus to strategic business leadership role.

IBM’s Center for Applied Insights interviewed 138 security leaders globally and discovered three types of leaders based on breach preparedness and overall security maturity. Representing about a quarter of those interviewed, the “Influencer” senior security executives typically influenced business strategies of their firms and were more confident and prepared than their peers—the “Protectors” and “Responders.”

Overall, all security leaders today are under intense pressure, charged with protecting some of their firm’s most valuable assets – money, customer data, intellectual property and brand.  Nearly two-thirds of Chief Information Security Executives (CISOs) surveyed say their senior executives are paying more attention to security today than they were two years ago, with a series of high-profile hacking and data breaches convincing them of the key role that security has to play in the modern enterprise. More than half of respondents cited mobile security as a primary technology concern over the next two years.  Nearly two-thirds of respondents expect information security spend to increase over the next two years and of those, 87 percent expect double-digit increases.

Rather than just reactively responding to security incidents, the CISO’s role is shifting more towards intelligent and holistic risk management– from fire-fighting to anticipating and mitigating fires before they start.  Several characteristics emerged as notable features among the mature security practices of “Influencers” in a variety of organizations:

  • Security seen as a business (versus technology) imperative: 60 percent of the advanced organizations named security as a regular boardroom topic, compared to only 22 percent of the least advanced organizations.  These leaders understand the need for more pervasive risk awareness – and are far more focused on enterprise-wide education, collaboration and communications.  Sixty-eight percent of advanced organizations had a risk committee, versus only 26percent in the least advanced group.
  • Use of data-driven decision making and measurement: Leading organizations are twice as likely to use metrics to monitor progress, the assessment showed (59 percent v. 26 percent).
  • Shared budgetary responsibility with the C-suite: The assessment showed that within most organizations, CIOs typically have control over the information security budget. However, among highly ranked organizations, investment authority lies with business leaders more often. In the most advanced organizations, CEOs were just as likely as CIOs to be steering information security budgets. Lower ranking organizations often lacked a dedicated budget line item altogether, indicating a more tactical, fragmented approach to security.  Seventy-one percent of advanced organizations had a dedicated security budget line item compared to 27 percent of the least mature group.

The IBM Center for Applied Insights study, “Finding a strategic voice: Insights from the 2012 IBM Chief Information Security Officer Assessment,” included organizations spanning a broad range of industries and seven countries. During the first quarter of 2012, the Center conducted double-blind interviews with 138 senior business and IT executives responsible for information security in their enterprises.  Nearly 20 percent of the respondents lead information security in enterprises with more than 10,000 employees; 55 percent are in enterprises with 1,000 to 9,999 employees.

[Image Courtesy: IBM]

Just in

AI

AI is ‘a new kind of digital species,’ Microsoft AI chief says — Quartz

Mustafa Suleyman, chief executive of Microsoft AI, said during a talk at TED 2024 that AI is the newest wave of creation since the start of life on Earth, and that “we are in the fastest and most consequential wave ever,” writes Britney Nguyen in Quartz.
Around the web

It’s baaack! Microsoft and IBM open source MS-DOS 4.0 — ZDNet

Microsoft and IBM have joined forces to open-source the 1988 operating system MS-DOS 4.0 under the MIT License, writes Steven Vaughan-Nichols. 
AI

Generative AI arrives in the gene editing world of CRISPR — NYT

New AI technology is generating blueprints for microscopic biological mechanisms that can edit your DNA, pointing to a future when scientists can battle illness and diseases with even greater precision and speed than they can today, writes Cade Metz.
AI

Estée Lauder, Microsoft to build AI Innovation Lab

The Estée Lauder Companies (ELC) and Microsoft Corp. announced the creation of an AI Innovation Lab to expand their global strategic relationship.
Around the web

Mark Zuckerberg says Meta will offer its virtual reality OS to hardware companies, creating iPhone versus Android dynamic — CNBC

Meta will partner with external hardware companies, including Lenovo, Microsoft and Asus, to build virtual reality headsets using the company’s Meta Horizon operating system, writes Kif Leswing.