IT departments need to become more integrated with other
departments if businesses are to make effective decisions on
managing risk and protecting their reputations, executives of
leading companies heard last week.
The lines between IT, human resources, sales and marketing,
finance and physical security are blurring, making it essential for
IT departments to think about risk across their organisations,
rather than working in silos, delegates at the Global Risk
Management summit were told.
“Most IT people do not understand the business. If you ask them
what the sales figures are, they will not know. They have to know
these things as well. They must be seen as part of the business,
not independent from it,” said Claudia Nathanson, chief security
officer at global drinks company Diageo.
With IT increasingly underpinning physical security, marketing
and human resources, it no longer made sense for IT directors and
IT staff to work in isolation from other parts of the business, she
said.
“We are seeing convergence. There is no barrier between physical
security and information security. Companies are using encrypted
laser beams to protect the building. CCTV cameras are running on IP
networks,” she said. “If you are in marketing, you are starting to
talk about digital marketing because everyone is selling on the
internet.”
This means that IT directors need to think about the impact of
their plans on the rest of the business, not just on their own
departments. “It is difficult for IT directors to do ‘off the
cuff’. You have to understand how you are going to bring in
internal partnerships,” said Nathanson.
The Global Risk Management summit was organised by the Corporate
Executive Programme, an initiative created to help businesses break
down the barriers between IT and other parts of the
organisation.