IT
security is becoming a key business enabler in tougher economic
times, according to IT services supplier CA.
The ability to do business securely is at the heart of many
successful organisations' strategy, Tim Dunn, vice-president of
security business at CA, told the Gartner security summit in
London.
Organisations that ignore the increasing demand for security in
business and adopt a more conservative approach aimed only at
cutting costs and reducing risk will be the losers, he said.
"In the light of the recent high profile security breaches,
security and
chief information security officers (CISOs) are becoming
increasingly relevant to the way business is done and that trend is
likely to continue," said Dunn.
The emphasis will change from just getting the job done as
quickly as possible, no matter the risk, to getting it done as
securely as possible to maintain trust and brand integrity.
According to Dunn, many organisations are also beginning to link
good governance and regulatory compliance with better business
results.
"Studies have shown that good governance ensures best practice
and that results in better performance by the business," he
said.
The evolution towards more security-centric business models is
placing the CISO at the centre of business strategy, said Dunn.
"The rate of change to the CISO role is likely to accelerate
with the increased need for businesses to co-ordinate security
internally and externally," he said.
Responsibility for the security of the
service oriented architectures that will enable this
co-ordination and interaction rests mainly with CISOs, increasing
their role in how business does business.
"A recent survey showed CISOs were responsible for
SOA security in 83% of companies polled," said Dunn.
As more companies adopt a more internet-centric model to share
business processes across the organisation externally and
internally, the CISO's influence over how things are done will
increase.
"The CISO will also influence the evolution of new business
models based on new technologies, with the result that the CISO and
his team will touch all parts of the business," said Dunn.