{"id":2015,"date":"2003-11-16T00:00:00","date_gmt":"2003-11-16T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2003\/11\/16\/global-1000-companies-should-hire-a-chief-security-officer-by-the-end-of-2005\/"},"modified":"2021-12-30T11:40:29","modified_gmt":"2021-12-30T11:40:29","slug":"global-1000-companies-should-hire-a-chief-security-officer-by-the-end-of-2005","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2003\/11\/16\/global-1000-companies-should-hire-a-chief-security-officer-by-the-end-of-2005\/","title":{"rendered":"Global 1000 Companies Should Hire a Chief Security Officer by the End of 2005"},"content":{"rendered":"<p>As businesses move more mission-critical business processes and applications to IPl networks and use the Internet to communicate with suppliers, partners and customers, security has become a concern<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The CEO&#8217;s primary responsibility is the strategy and direction of the business.<br \/>\nSecurity should be a concern but CEOs usually have a dozen other things in line ahead of it.<\/p>\n<p>The paramount issue for the CFO is controlling costs.  CFOs are not supporters of visions of robust, feature-rich and flexible architectures.  Their reason is simple&#8212;they cost too much.  The CSO must make the CFO understand that centralization of the security vision and spending will ultimately save money.  The CSO must also initiate a Net Security Risk (NSR) exercise to calculate the financial risk of avoiding security spending.<\/p>\n<p>The CIO keeps the business systems up and running.  CIOs are already battling with the CFO for system budgets.  In the wake of that battle, security is squeezed as a &#8220;nice to have.&#8221;  For the CSO to succeed, the CIO must make it clear to the IT professionals that security is a part of all technology and a critical part of their jobs; failing to take this into consideration will lead to immediate termination.<\/p>\n<p>The CTO establishes the technology direction of the company.  The CTO, however, should not be in charge of the daily operational responsibilities of the business and should not be tasked with security operations among other technology decisions.<\/p>\n<p>The COO is the battlefield commander responsible for the day-to-day operations of the company.  Security adds an additional step to all other business and operational life cycles and thus requires more time, more people and more money, all of which are not central to the COO&#8217;s charter.  Now there are personal privacy regulations in financial services and health care that make it a legal obligation to secure online information as well.<\/p>\n<p>The CSO is responsible for physical and technology security.  The CSO must then communicate this vision across all departments and business units. <\/p>\n<p>More info: [url=http:\/\/techupdate.zdnet.com\/techupdate\/stories\/main\/global_1000_companies_should_hire_a_chief_security_officer_by_the_end_of_2005.html?tag=tu.fd.sc.link]http:\/\/techupdate.zdnet.com\/techupdate\/stories\/main\/global_1000_companies_should_hire_a_chief_security_officer_by_the_end_of_2005.html?tag=tu.fd.sc.link[\/url]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-2015","post","type-post","status-publish","format-standard","hentry","category-trends"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2015","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2015"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2015\/revisions"}],"predecessor-version":[{"id":4502,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2015\/revisions\/4502"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2015"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2015"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2015"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}