Growing Respect for IT Security Professionals

Article excerpt

THE STATURE OF information security professionals within the organization is growing, thanks to proactive risk management approaches, legislative requirements, and the complexity of the systems they manage. That's a conclusion from research conducted by IDC on behalf of (ISC)[.sup.2], the International Information Systems Security Certification Consortium.

The survey of 4,305 information security professionals (including chief information security officers, chief security officers, and security consultants) from companies large and small across the world notes the ever-increasing number of responsibilities of these security workers. In addition to their daily responsibilities, these security workers must now spend "a disproportionate amount of time and resources researching and implementing new technologies, demonstrating regulatory compliance, and addressing internal political issues."

As business enablers rather than cost centers, IT security now "must compete with other business groups for scarce resources such as staff and budget."

Howard Schmidt, former vice chair of President Bush's Critical Infrastructure Protection Board and now head of his own firm, R & H Security Consulting, says that the survey results provide hard evidence that the importance of security professionals is finally being recognized. …