ITPRO

Printed from www.itpro.co.uk

Register to receive our regular email newsletter at http://www.itpro.co.uk/registration.

The newsletter contains links to our latest IT news, product reviews, features and how-to guides, plus special offers and competitions.

Skip to navigation

    IT security professionals growing business role

Having IT security expertise is more likely to accelerate career progression as it becomes more closely aligned with business goals.

By Miya Knights, 23 May 2008 at 14:03

The role of information security managers is changing to focus on business needs instead of technology.

That's the main finding of a recent survey of more than 1,400 Certified Information Security Managers (CISMs) in 83 countries by the Information Systems Audit and Control Association (ISACA).

The Information Security Career Progression Survey found these IT professionals shared a similar career growth pattern that is rapidly moving them up the management ranks into more business-focused roles.

When asked about their next career move, 40.6 per cent said that they intend to step into an executive management role, while the same percentage of respondents intend to take up a chief information security officer (CISO) role and 27.1 per cent saw themselves in a chief security officer (CSO) role.

"The role of information security management is quickly evolving to direct the use of technology to solve or prevent business problems instead of being a purely technical specialisation," said Lynn Lawton, international president of ISACA.

The survey also found the top five most common activities performed by information security managers in their current roles are risk management, security programme management, data security, policy creation, maintenance and regulatory compliance.

Lawton added that it was encouraging to see members taking increased responsibility for business functions like risk management, governance and architecture. "These activities help protect the value that information provides to enterprises around the world," she added.

This more strategic job focus was also in contrast to former duties, where only 54.8 per cent of respondents said that they had responsibility for risk management. Over three quarters (75.6 per cent) said they were now responsible for this more business-related function. And network security was the third most frequently performed activity in prior positions, but had dropped to eighth in current roles.

This career progression towards senior management showed how the IT security function had become a more strategic business driver, receiving increased attention from boards of directors and executive management, according to Evelyn Susana Anton, chair of the CISM certification board.

Email to a friend

Print this page

Social Bookmark this article: What is this?

Add to: DiggDigg
Add to: Del.icio.usDelicious
Add to: RedditReddit
Add to: StumbleUponStumbleUpon
Add to: SlashdotSlashdot
Add to: GoogleGoogle
Add to: FacebbokFacebook

Be the first to comment on this article

You need to Login or Register to comment.

    Related stories

    Related Tags

security professionals ISACA careers
advertisement

    Latest Careers Features

Can you sack your IT department?

Between the credit crunch, the consumerisation of IT and the rise of cloud services, the role of the IT department is going to change.

Read more

 

More Careers Features

advertisement

    Blogs

Spammers are in a world of hurt

Spammers are in a world of hurt

Read more

 

    White papers

Want more background on today's hottest IT trends?

Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.

    Register for IT PRO

You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.

Register
Advertisement