IT security role changes focus

At the Gartner IT Security Summit in London last week, experts predicted a radical change in security strategies as more companies appoint chief risk officers.

Strategic tasks such as the assessment and reporting of risks have become increasingly important for information security, said Gartner’s Jay Heiser. “The bigger the firm, the more likely the strategic and tactical information security people will be pulled apart,” he added. “Maybe there won’t be an information security group anymore, which is a good thing as it shows the space is maturing.”

Paul Proctor, Gartner’s information security expert, said the shift from reactive security measures to proactive security and processes means a different kind of professional will be required. He argued that the IT security chief of the future will be more like a risk management officer, with a project management background.

‹ Risk and reward, Leader, p14