PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
May 2014 Vol. 16 / No. 4

Filling the CISO role: Is there any reason enterprises shouldn't?

Due to a string of high-profile data breaches -- and embarrassing incidents like the National Security Agency leaks committed by Edward Snowden -- more companies are debating the business necessity of having good security practices in place. While vendors emphasize the importance of new technology in mitigating security incidents, a number of organizations seem to be overlooking an obvious hole: the lack of a dedicated security pro in the CISO role. I'm amazed to hear that large organizations still don't have a CISO. When it comes down to it, I don't really know too many businesses that can operate without [IT], and security is just a fundamental component of everything that companies have to do now. Chris Ray, CISO, Epsilon The role of chief information security officer has been around for nearly two decades, since Citigroup recruited industry veteran Stephen Katz to fill the position in 1995. Still, despite the increasing prominence of both the position and information security as whole, some large organizations still forgo ...

Features in this issue

Columns in this issue