A new breed of information security leader

Every day, new streams of information flow into corporations, powering up-to-the-minute analysis and smarter decisions. Employees, customers and contractors are all connected as never before, across a multitude of technologies. This hyper-connected era is new ground for many organizations.

These sprawling and overlapping networks pose daunting security challenges. The complexity is dizzying, the possible points of attack nearly limitless. CIOs and CISOs are grappling with growing frustrations—and questions.

From crisis to confidence

2011 was the year of the security breach.¹ And while many security organizations remain in crisis response mode, some security leaders have moved to take a more proactive position, taking steps to reduce future risk. These leaders see their organizations as more mature in their security-related capabilities and better prepared to meet new threats. What have they done to create greater confidence? More importantly, can their actions show the way forward for others?

Read the full report

Finding a strategic voice: Insights from the 2012 IBM Chief Information Security Officer Assessment (1.39MB)

In the new report, IBM identified three types of security leaders: influencers, protectors and responders.

View the full infographic to learn more.

Security Essentials for CIOs: enable innovation and manage risk

In this series, IBM examines what it will take to expand the role of information security to confront the challenges facing enterprises today.

• Embracing innovation with confidence

  IBM uses ten key security practices to help balance necessary innovation and the need to control risk. This includes technology, process and policy measures.

  Read more (864KB)

• Enabling mobility: their device, your data

  CIOs face a tough choice. They must figure out a secure way to allow employees to conduct business on their own devices, or they must simply say no.

  Read more (850KB)

• Educating everyone to guard the cloud

  Education is an important and often overlooked component for good cloud security. To maintain a secure cloud environment over time, enterprises need to educate their users on these security essentials.

  Read more (850KB)

• Establishing a "Department of Yes"

  To create a pragmatic, progressive, organizational structure for enterprise security, there are five functions that are needed to transform the departmental culture from "No" to "Yes, here's how."

  Read more (880KB)

1 IBM X-Force 2011 Full Year Trend and Risk Report.