The days of IT security being purely an advisory role
are in decline, according to Paul Dorey, vice-president for digital
security at BP.
Speaking to Computer Weekly ahead of his presentation on
Thursday to the Gartner conference, Dorey said the dependence of
business processes on IT and the digitisation of almost every
physical component and process is placing digital security at the
core of business integrity.
Dorey predicted that by 2010 an increasing number of IT security
professionals would be legally accountable for their designs and
the statements they make about the digital integrity of their
organisations.
Such accountability is reflected in other professions, such as
the engineer who specifies the strength of steel for the bridge,
the surgeon who knows when to operate and the compliance officer
who confirms regulatory compliance, said Dorey.
He said, "Rather than consultants one step removed, the
professional will be more and more trusted as a decision
maker."
Dorey said the changing dynamics of security would mean chief
information security officers (CISOs) needing to address tough
issues, such as how the security capability can be deployed outside
the company as well as inside and how best to work with
regulators.
Dorey's presentation will focus on the skills CISOs will need
for the future.