It's Time to Raise the Profile of Security
Has information security outgrown IT? According to a report from HP, it's possible. The size, scope, severity and frequency of cyber-attacks have raised the profile of security teams to a new level, as evidenced by recent attacks against the likes of Anthem, Sony, Staples and JP Morgan Chase. As a result, cyber-security has evolved into a boardroom concern that calls for it to become a strategic component of the enterprise, on par with finance, marketing and operations. Such is the key takeaway from HP's "State of Security Operations 2015 Report." In assembling the report, HP performed 118 assessments of 87 security operations centers that it has equipped, determining that most enterprises are woefully unprepared to defend against even the most basic attacks. As such, the report suggests it's time to raise the profile of security in the corporate structure. "The size, scope and severity of threats now requires the attention of and direction from senior management, which must ensure that its cyber-security strategy is in alignment with the organization's objectives and risk tolerances," advises Chris Triolo, vice president of professional services for HP's enterprise security products. "In order to adapt, compete and succeed in the current security environment, where threats are evolving quicker than solutions, business leaders must expand security operations beyond IT and into a more strategic capacity."