This article can also be found in the Premium Editorial Download "Information Security magazine: CISO survival guide: 18 of the best security tips."

Download it now to read this article plus other related content.

With all the evolving regulatory requirements, it also helps if security officers have some legal know-how, says Michael Rasmussen, a vice president at Forrester. They can't necessarily rely on corporate counsel to keep up with the IT impacts of various regulations.

"The CISO definitely needs legal skills today as compliance has been one of the No. 1 drivers of security in the last couple years," he says.

Burton's Fredriksen says industry organizations such as BITS, a consortium of financial-services C-level executives, can help security professionals keep up with emerging legislation and regulatory issues. Proactive security officers get involved and participate in the public processes related to proposed legislation and are ready to offer their organizations thoughtful advice on new issues, he adds.

Others agree that it's important for security officers to be active not just inside their organization but outside as well: "Whether you're affecting legislation that could impact your corporation or whether it's just being an advocate for education in information security in the academic world," says Northrop Grumman's McKnight.

Maintaining strong peer relationships also can help a CISO succeed, he says. For example, he can call peers at other companies to learn how they handled a particular issue.

More and more, the CISO is transitioning from a security-focused role to a holistic risk management role, McKnight says. "There are trade-offs, certain

    Requires Free Membership to View

levels of risk you're willing to take," he says. "Defining that risk for the company and the business owners is essential."

Forrester's Kark predicts that the CISO job of the future will be more about information assurance rather than information protection.

This was first published in July 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: