Heads of information security functions are more likely to be business managers than techies in future as companies take a more strategic approach that balances IT security threats against business drivers. That’s according to analyst house Gartner which predicts security will evolve into an element of a wider risk management strategy. The concept of ‘acceptable risk’ is an oxymoron to many security professionals,” said Paul Proctor, research vice president with Gartner’s Information Security Group.