When companies decide to combine logical and physical security, one of the first challenges they face is finding a leader who has been exposed to both information security and physical security. Someone has to be put in place to create change. Who is this person? What is his skill set? Where can she be found? Does he or she actually exist?
I speak with both information security and physical security professionals every day, and when the conversation turns to who is best equipped to lead a converged security operation, I hear many opposing opinions. Usually, the opinion of the person to whom I'm speaking has a lot to do with his or her experience. Whose point of view is correct? I don't know for sure, but I can tell you about the conclusions reached by three companies that have recently contacted me for assistance in their search for a converged security leader. No opinions to share here, just facts.
Example 1: At one global company, the newly hired executive will have responsibility over information security, physical security, facilities security, business continuity, global supply chain security, brand and reputation protection, and all the facets of risk management that could be wrapped around the aforementioned topics. Nobody I spoke with possessed expertise in every topic. My client interviewed the top three CSO-tracked and top three CISO-tracked candidates I surfaced, each of whom had some exposure to each topic. After phone interviews, only the top three CISO-tracked professionals were invited in for face-to-face interviews. Each of these business-savvy professionals were technically sound, had significant exposure to physical-security issues and were each outstanding communicators and leaders.
Example 2: A 90-year-old global company that is used to dealing with physical security issues has recently experienced a change in its business model, causing the business to become more and more digitally driven. The company is creating a VP-level security role, and believes that 60 to 70 per cent of the new VP's responsibility will be the protection of electronic assets, while the remaining part of his or her job will be a mix of blended issues such as access controls and fraud detection/prevention, along with many purely physical issues. The search team has concluded that the most desirable candidate to address these needs will come from a strong information-security and risk-management background and will have some exposure to physical-security issues.
Example 3: Another global company recently discussed with me their plans to replace a retiring physical-security-focused CSO. Their intention is to hire someone with an 80 per cent information-security CISO skill set.
What does it mean?
In their own ways, each of these three companies came to the same conclusion. They have decided that 50 to 80 per cent of the skill set they need is an information-security skill set. They argue that an information-security-skilled executive should be able to bring the right blend of technical skills, business understanding and executive leadership to be successful in their newly created role. While this executive is not expected to be an expert in all physical security topics, he or she is expected to have enough exposure to the physical side to lead individuals on the team who possess physical security expertise.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Discover the advantages of an open architecture multi-vendor network solution
Achieving the impossible: Unlimited application scalability
CRM your salespeople will love
Email Archiving Implementation: Five Costly Mistakes to Avoid
Everything you need to know about email and web security (but were afraid to ask)
IT Service Management Needs and Adoption Trends: An Analysis of a Global Survey of IT Executives
Making the Business Case for IT Consolidation
Gaining Competitive Advantage Through Enterprise Planning
Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
FrontRange Solutions launches HEAT Plus Mobile to reduce help desk costs and improve service management productivity 2008-12-02 15:15:00+11
AARNet Helps to Advance Indigenous Health 2008-12-02 12:44:00+11
Orbis selects Telstra International as its data centre partner for the UK, Europe and Middle East Region 2008-12-02 11:23:00+11
ComOps Deploys Corporate Performance Reporting Solution For Healthcare Test Manufacturer 2008-12-02 10:09:00+11
Mornington Peninsula Shire implements Objective to manage knowledge and deliver service excellence 2008-12-02 09:56:00+11
Solve Exchange Mailbox Storage Issues Once and for All
Join industry expert Bob Spurzem and Chuck Arconi of Fox Hollow to discover how to reduce Exchange total storage and keep it at a manageable level. Learn how Exchange storage growth can be contained without sacrificing security and accessibility.
Buying Guides
Latest Products
Buying Guides
