As I reflect on the wonderful two days spent at the 5th Annual CSO Summit organized by 9.9 Media, I was thinking back about the earlier summits and how the CISO role and the community has evolved in India over the years.
The Indian CISO is today dealing with even greater challenges than before – but is also sounding a lot more confident. This may perhaps be because of the much-overdue-and-deserved importance he (unfortunately, it is still an overwhelming “he” in India!) is garnering in the organization today.
Here are some of the key takeaways from the summit – gathered via my interactions and via the Annual CSO Survey* results presented:
– The CISO is being heard by the Board The CISO’s role has certainly evolved and expanded over the last year. 64% of folks surveyed said they were involved in boardroom discussions on Governance, Risk & Compliance while 32% said they were even involved in boardroom discussions on strategy. This was heartening to note.
– The Community of CISOs has expanded. Not only did the attendance at the summit give anecdotal evidence of this but the survey* also reflected this, saying 52% of organisations already had a dedicated CISO and another 18% planned to get one within the coming two years.
- And they are coming from various other functions – 50% of those polled have not been a part of a CISO’s in their earlier roles. They are being inducted from various other functions like Risk, IT, Internal Audit, etc.
- With less than 5 years of experience in the saddle. 60% of CISOs have been in their roles for less than 5 years
–They are coping with the same challenges as their global peers: Regulatory Compliance, BYOD, Privacy, Data Protection & 3rd Party Risks are some of the emerging threats that are being seen by the CISOs
–Most of the CISO’s time is being spent on Security Strategies and New Initiatives
–New Initiatives being planned are in the domains of Data Leakage Management, User Awareness, Unified Compliance and Identity Management
–Expectations from the CISO are also high. He is not only expected to have excellent technical skills but also be able to understand the business, communicate ROI, build a high-performance team and manage security operations
–Amidst all this, the struggle for skilled resources continues. In the survey, 32% said they find it difficult to find the right resources while 50% said it was “manageable”. However, in-person interactions had many folks lamenting about their struggle for good team members
It would be interesting to see how 2013 pans out for the CISO community.
*Annual CSO Forum Survey 2012 – covering 111 individuals, across segments (BFSI, Telecom, Manufacturing, IT/ITES, Pharma, Auto, Media & Entertainment, etc) and orgn sizes (from sub Rs.100 cr ($20M) orgns to 1000 cr ($200M) orgns
Posted By Shivangi Nadkarni, CEO, Arrka Consulting