Rethinking the delivery of information security
Conclusion: The IT industry has hit a breaking point where the artificial grouping of information security and IT has left many organisations vulnerable. Business units have viewed information security as an IT problem, and IT has abdicated responsibility for many aspects of operations that should be viewed as basic hygiene. It is time for organisations that want to establish a reputation of trust with their stakeholders, to view information security very differently. This will require IT to take on more responsibility for security hygiene issues, and for many security practitioners to make the mental shift from technical do-ers to risk communicators. All organisations must know who, internally, is ultimately accountable for cyber-security and that this person is adequately informed, and empowered to execute on this accountability.
About The Advisor
James Turner is an IBRS emeritus Advisor who specialised in cyber security and risk and facilitates the CIO Cyber and Risk Network on behalf of IBRS. James has over a decade of experience as an industry analyst and advisor; researching the cyber security industry in Australia. As an IBRS Advisor, James authored over 100 IBRS Advisory papers, led dozens of executive roundtables, and presented at numerous conferences.