The New Security Leader: Less Techy, More Business-Savvy
Security leadership has evolved significantly in recent years, moving beyond technical expertise to strategic partnerships within organizations. Security professionals now articulate business value and align with organizational objectives, according to Paul Watts, a distinguished analyst at the Information Security Forum.
“The ratio between technical and business acumen for security leaders is changing. Technical ability is not necessarily a barrier to entry for security leaders,” he said. “There are CISOs coming into the industry and into these leadership roles without a massive technical background.”
Watts foresees a shift toward decentralized security management models, promoting agility and integration with business processes.
“There’s a role called business information security officer,” Watts said. “It’s an increasingly fashionable interface between the security function and the business process. These are people who are taking a business-first, security-second approach to balancing risk with reward.”
MEET THE AUTHOR
Paul has worked in information technology for over twenty-five years, seventeen of which have been as a security executive and CISO in several industry sectors including financial services, retail, critical national infrastructure, food and beverage, data analytics and market research.