Gartner IT Security Summit: IT is a business enabler, says CA

IT security is becoming a key business enabler in tougher economic times, according to IT services supplier CA.

IT security is becoming a key business enabler in tougher economic times, according to IT services supplier CA.

The ability to do business securely is at the heart of many successful organisations' strategy, Tim Dunn, vice-president of security business at CA, told the Gartner security summit in London.

Organisations that ignore the increasing demand for security in business and adopt a more conservative approach aimed only at cutting costs and reducing risk will be the losers, he said.

"In the light of the recent high profile security breaches, security and chief information security officers (CISOs) are becoming increasingly relevant to the way business is done and that trend is likely to continue," said Dunn.

The emphasis will change from just getting the job done as quickly as possible, no matter the risk, to getting it done as securely as possible to maintain trust and brand integrity.

According to Dunn, many organisations are also beginning to link good governance and regulatory compliance with better business results.

"Studies have shown that good governance ensures best practice and that results in better performance by the business," he said.

The evolution towards more security-centric business models is placing the CISO at the centre of business strategy, said Dunn.

"The rate of change to the CISO role is likely to accelerate with the increased need for businesses to co-ordinate security internally and externally," he said.

Responsibility for the security of the service oriented architectures that will enable this co-ordination and interaction rests mainly with CISOs, increasing their role in how business does business.

"A recent survey showed CISOs were responsible for SOA security in 83% of companies polled," said Dunn.

As more companies adopt a more internet-centric model to share business processes across the organisation externally and internally, the CISO's influence over how things are done will increase.

"The CISO will also influence the evolution of new business models based on new technologies, with the result that the CISO and his team will touch all parts of the business," said Dunn.

Read more on IT risk management