SHAWN PARTRIDGE CONTINUALLY nudges his staff and his superiors at Rockford Construction in Grand Rapids,Mich., to view information security-and IT in general-as a means to bring about positive changes for an industry beset by economic woes.

"Until I came here, IT was a support mechanism," says Partridge, whose company has no CIO. "It was seen as a cost center only."

Since Partridge, vice president of IT, implemented Web portals to make site management easier, employees "used to running projects with a walkietalkie and a pad of paper" are not only embracing the new technology but are helping him evangelize the importance of good security habits. "We implement different levels of access" for foremen, customers, and others with a stake in a project, Partridge says.

As threats to corporate data grow, putting organizations' reputation and revenue on the line, many CIOs and IT executives view information security with appropriate urgency. They're working to elevate security in the enterprise by expanding their roles and responsibilities, teaming up with CISOs or by occupying dual roles-leading both IT and information security efforts.

For its part, the American Red Cross initially created and filled its CISO spot about six years ago, says Mark Weischedel, CIO at the Washington, D.C.-based emergency response organization. Since then, the CISO'...

"In the beginning it was all about policy and strategy," says Weischedel, who reports to the organization's CEO. "The CISO position was very highly leveraged, and the capabilities were very limited. Since then, we have added more technical depth, plus we are pushing out more [to the CISO] in terms of [security] policy, compliance, education and awareness."

He adds that a steady stream of attacks has elevated information security's importance across the organization. "They are an everyday occurrence, but unless you are immersed [in information security], you won't understand the risk enough to develop an effective level of controls" with which to respond to them, he says.

Suzanne Hall, named to the CISO post in October, says that the placement of the CISO and CIO within the Red Cross' hierarchy weighed heavily in her decision to accept the job. She reports to Weischedel.

"Mark and I had conversations about this during the recruitment process," says Hall, who most recently served as CIO at Lerner Enterprises, a real estate development company based in Rockville, Md., that also owns the Washington Nationals baseball team.

"I felt very confident that there was a strong synergy between the CISO and the CIO here, and I know that the CIO has a seat at the table with the CEO."

< PREV PAGE   |   1  |   2  |   3  |   4  |   NEXT PAGE  >