Companies began to focus on security even before the Sept. 11 terrorist attacks. But since then some have made serious moves to ensure security of their IT systems by naming a chief security officer or chief information security officer to plan and oversee information security for the entire corporation.
Microsoft named a chief security officer in January to develop strategies to enhance the security of Microsoft products, services and infrastructures. AOL Time Warner created a new chief security officer position in early 2002 to oversee and coordinate AOL Time Warner's worldwide security policies and operations.
Other technology companies, including Oracle, Hewlett-Packard and Exodus Communications, already had chief security officers in place.
But technology companies aren't the only ones to recognize the need to have one person in charge of security. General Electric has a chief security officer. Management consulting firm Booz Allen Hamilton in January surveyed firms with more than $1 billion in annual revenues and found that 54% of the 72 chief executive officers it surveyed have a chief security officer in place. Ninety percent have been in that position for more than two years.
When there is no chief security officer in place, chief information officers are more likely than other executives to have security responsibilities, the survey found.
In the forefront
Financial institutions led the effort to hire chief security officers more than a year ago. They did so to meet new federal accounting standards to ensure that information systems that were being used to control financial records were secure, says Christian Byrnes, vice president for security programs for market researcher Meta Group. Technology companies followed.
Health care providers will be next as they work to comply with the federal Health Insurance Portability and Accountability Act (HIPAA), which requires that health care providers ensure the security of electronically transferred health records.
One of those providers is Bayshore Community Health Services in Holmdel, N.J. The company has already conducted a security assessment and is working to fix any problems that were found, says Linda Woods, chief information officer and privacy officer. "I think we're one of the first institutions to have a security assessment," says Woods, who also acts as chief security officer although she doesn't carry the title. "A lot of people are saying 'Let's wait until the regulations are finalized.' We wanted to have our assessment done as soon as possible. We wanted to start correcting things if there were any issues."
Although the chief information officer often oversees information security, Byrnes and Yankee Group security analyst Matthew Kovar say CIOs have to deal with agendas that can conflict with security. They have to balance the needs of the chief operating officer, who wants to save money, with those of network administrators, who want to guarantee open networks regardless of the need for security.
"The network staff tries to be responsible to the demands from the business side and sometimes those demands are not consistent with both the needs for security and current (IT) architecture," Byrnes says.