Editor's Note: Security Chiefs Wear Many Hats On The Job
I was leaving a parking garage in D.C. the other day, and as I approached the cashier, I saw a video monitor behind her (key word--behind) with modules for about nine cameras. As I got closer, I realized that only two of the modules were actually showing live video. One was of a concrete wall. The other was pointed to the cars exiting the garage--not the license plates, mind you, but the tops of the cars. Why have security cameras if they aren't really doing anything--like keeping an eye on the cars in the bowels of the garage? Or on the entrances to the building, where thieves (or worse) could be entering or exiting? Even if all of the cameras were working effectively, why was the monitor behind the person in the booth collecting parking fees? Finally, it was my turn. I realized that the person collecting fees not only was the cashier but also the "security manager," according to her name tag. So the security manager ran my credit card through the system while the video cameras were either off or pointing to seemingly irrelevant places. I wasn't feeling real secure about my parking decision. As I exited the building, I passed police car after police car parked around various government buildings and the perimeter of the White House. National Guard members were plentiful. OK, then I was feeling secure.
How's your company data feeling? Like it's protected by a cashier doubling as a security manager or by the National Guard? Improving security has been a priority long before Sept. 11, but many companies are taking the job even more seriously by creating specific executive positions--chief security officers. Sure, these titles also existed at some companies before Sept. 11, but these folks have been elevated to a whole new level. It's not a job for the weak of heart. Being a CSO requires the ability to secure computing environments that have fewer walls and more collaborative relationships with partners and customers; the ability to protect an increasing amount of wireless data and services; the ability to prevent, or at the least react quickly to, an increasing number of viruses; the ability to keep pace with emerging policies and legislation designed to protect the nation's infrastructure; a need to make the CEO, stockholders, and customers comfortable; and a need to ensure that employees are productive and efficient while understanding and following important company policies. It takes communication, evangelism, and a little bit of politics.
On page 34, senior writer Mary Hayes takes a close look at these execs and gives you a taste of what their life is like. Does your company have a CSO? What's it waiting for?
Stephanie Stahl Editor
To discuss this column with other readers, please visit Stephanie Stahl's forum on the Listening Post.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.