Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

The evolving role of information security managers

ISACA : 23 May, 2008  (Technical Article)
ISACA has published its free survey results detailing the career growth patterns and changing roles of information security professionals
The role of information security managers is rapidly changing to focus on business needs instead of technology, according to a recent survey of more than 1,400 Certified Information Security Managers (CISMs) in 83 countries by ISACA, an association of more than 75,000 IT governance professionals worldwide. The Information Security Career Progression Survey Results showed that information security managers experiencing significant career momentum are closely aligned with business goals and priorities. The full survey is available as a complimentary download from the ISACA web site.

According to the survey, the career growth pattern among CISMs is clear as they continue to move up into management ranks and acquire more business-focused responsibilities. When asked what their next career step will be, 40.6 percent of respondents said that they intend to step into an executive management role, 40.6 percent intend to step into a chief information security officer (CISO) role and 27.1 percent see themselves in a chief security officer (CSO) role.

The survey also revealed that the top five most common activities performed by information security managers in their current positions are risk management, security program management, data security, policy creation, and maintenance and regulatory compliance.

"The role of information security management is quickly evolving to direct the use of technology to solve or prevent business problems instead of being a purely technical specialization," said Lynn Lawton, CISA, FBCS CITP, FCA, FIIA, PIIA, international president of ISACA. "It is encouraging to see that CISMs are taking increased responsibility for business functions such as risk management, governance and architecture. These activities help protect the value that information provides to enterprises around the world."

When asked about prior job duties, only 54.8 percent of respondents said that they had responsibility for risk management. In their current position, 75.6 percent said they were responsible for this business-related function. Network security was the third most frequently performed activity in prior positions, but it dropped to eighth in current positions.

"It is clear that Certified Information Security Managers are experiencing career growth and moving up higher into management," said Evelyn Susana Anton, CISA, CISM, chair of the CISM Certification Board. "This shows that these functions are vital business drivers and are receiving increased attention from boards of directors and executive management."

Designed for experienced information security managers, the CISM designation is a groundbreaking credential earned by more than 9,000 professionals since it was established in 2002. In Certification Magazine's 2007 Salary Survey, CISM was found to be the second-highest paid certification and was noted as being recognized as an asset among business leaders.

ISACA surveyed 1,426 CISMs from 83 countries in November 2007. Survey respondents represented more than 20 different industries; the greatest populations were in banking and financial services (26.6 percent), consulting (23.75 percent), technology (12.5 percent), government (12 percent), and healthcare (4.2 percent). The purpose of the survey was to examine how professionals in information security management arrived at their current position, what types of activities they are accountable for and how they envision their future.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo