“The CISO as a marketer and leader: The Chief Information Security Officer (CISO, or equivalent) will become less focused on technology and security tools, and become considerably more focused on marketing. This is not only focused ‘upwards’ to the Executive team and Board but also across the organisation to all staff and even involve end customers. The main challenge in this role is to engage the “hearts and minds” of the organisation so they are more empowered to become the protectors of the business’s and sensitive data..”
From a report by TrustedImpact entitled, “The Security Team of 2020.”
I was recently privileged enough to be invited to participate in a round-table discussion with some of Australia’s thought leaders on the future of digital security. The event was run by TrustedImpact, a leading boutique consultancy firm that does security and nothing but security. It has helped to protect some of Australia’s leading brands and the link above contains a wealth of insights gained from surveying 30 influential leaders from the technology, security and risk industries.
The quote above is but one of many in the report that bear resemblances to what’s occurring in the OSS industry. I was actually amazed that the round-table discussion amongst these influential experts never entered the realm of the technology. The discussion was all about people and process, particularly in the evangelising of the key principles and governance that would make their organisations and their customers more secure. They tended to see their role as being responsible for demystifying digital security rather than confusing their stakeholders (both up and down in the org chart).
Here are a couple of other key call-outs from the report:
– The successful security team of 2020 must become more “well rounded”:
– Security roles – less island mentality, more eco-system interconnected:
Does this sound similar to the message in yesterday’s blog here on PAOSS? The technology is a means to an end, but it has to have a whole-of-business remit and provide a whole-of-business benefit, whilst being understandable by whole-of-business.
Security is a brand protection mechanism and a digital enabler. So is the traditional OSS. Just like the evangelising CISOs, OSS / BSS executives have the ability to make OSS / BSS much more than that. They can be revenue generators (eg data, APIs, etc), facilitators of new product / business / revenue models, business insight generators, operational efficiency engines and more.Read the Passionate About OSS Blog for more or Subscribe to the Passionate About OSS Blog by Email