Survey Shows Growing Business Role for Information Security Managers

The role of information security managers is rapidly changing to focus on business needs instead of technology, according to a recent survey of more than 1,400 Certified Information Security Managers (CISMs) in 83 countries by ISACA, an association of more than 75,000 IT governance professionals worldwide.

The Information Security Career Progression Survey Results showed that information security managers experiencing significant career momentum are closely aligned with business goals and priorities. According to the survey, the career growth pattern among CISMs is clear as they continue to move up into management ranks and acquire more business-focused responsibilities. The survey also revealed that the top five most common activities performed by information security managers in their current positions are risk management, security program management, data security, policy creation, and maintenance and regulatory compliance.

The role of information security management is quickly evolving to direct the use of technology to solve or prevent business problems instead of being a purely technical specialization, said Lynn Lawton, CISA, FBCS CITP, FCA, FIIA, PIIA, international president of ISACA.

About the Information Security Career Progression Survey Results ISACA surveyed 1,426 CISMs from 83 countries in November 2007. Survey respondents represented more than 20 different industries; the greatest populations were in banking and financial services (26.6 percent), consulting (23.75 percent), technology (12.5 percent), government (12 percent), and healthcare (4.2 percent). 

European Media Contact: Neil Stinchcombe