The way I see it, all security officers fall into one of two camps: 70% are traditionalists and only 30% are true risk management professionals. We can do better.
· IT risk is a technical problem, handled by technical people, buried in IT.
· Every problem is solved with a new technology.
· Security people are heroes hired to protect the company (and gosh darn it, they are going to do that at all cost).
Risk management professionals (the minority) believe:
· The role of risk and security is to balance the needs to protect the organization with the needs to run the business.
· They can work well with their non-IT counterparts to balance risk and security.
· They can bridge technology issues into non-IT business decision making.
I believe the risk management professional camp is growing at 5% per year and the traditionalist camp is shrinking by about 5% per year. If you want to remain relevant, you should be thinking about evolving.
Which camp do you belong to? And what can you do about it?