SAN FRANCISCO, Feb. 29, 2016 -- RSA CONFERENCE -- While the industry has become fatigued with the “CISOs don’t get respect from leadership” mantra, a new research-driven program from IANS is providing Chief Information Security Officers (CISOs) with a path to business impact based on a quantitative benchmark model. IANS’ research, presented today at the annual RSA information security conference, indicates that many CISOs are not successfully stepping up to a leadership role (as their C-Level title requires). In response, the IANS program reveals a distinct path for CISOs who are seeking to earn a seat at the executive table.
IANS, the world’s leading provider of in-depth security insights and decision support, issued the results from its study of more than 1,000 top corporate security officers. The research revealed that over 70% of CISOs and teams languish at a foundational level, characterized as being isolated within a technical function, with immature teams who have no influence on the business operations that cause information risk, and only tactical responsibility for securing data on the network.
22% of CISOs and teams report that they are in a transition state between this foundational level and an executive level of influence, and only eight percent of CISOs are considered to be at an “Executive Level,” regarded as peers by their C-Level colleagues.
“There is too much noise in the marketplace about what CISOs should be doing. It all sounds so platitudinous,” said Phil Gardner, IANS’ chief executive officer. “We kept hearing, ‘CISOs need to learn how to communicate like business leaders,’ and ‘Security must become part of the fabric of the business.’ We are more interested in discovering how CISOs and teams can earn that seat at the table, as well as the steps that the most successful CISOs and executives have taken to get there.”
IANS’ research has uncovered 50 distinct capabilities that top CISOs and teams have prioritized to mature their organizations. Gardner will report on IANS’ findings at RSA Conference 2016, helping CISOs start on their own path to leadership.
Among the top findings:
- There are four stages of maturity advancement, and a distinct maturity pathway that the top 8% have mastered. IANS has defined between three and five skills and capabilities that must be addressed and developed at each of the four stages of maturity advancement.
- More than half of the top-performing CISOs do not report to the CIO or into technology; rather, they have earned a direct-line report to the CFO, or the chief legal or risk officers.
“CISOs are in the most difficult of positions,” continued Gardner. “They have promised to protect the company’s critical assets across space and time, and yet have little or no control over the business decisions that cause risk. In order to be as effective as they can, they must possess the ability to engage effectively with the business as well as develop and maintain technical excellence.” At RSA Conference 2016, Gardner will be speaking on “Lighting the Path to Security Leadership.”
IANS has spent the last two years interviewing and assessing CISOs and their teams at more than 1,000 companies throughout North America. The research has resulted in the development of “CISO Impact” – IANS’ proprietary framework. It identifies 15 categories of capabilities (eight technical domains and seven organizational factors) that CISOs and teams must address in order to achieve maximum business impact. More information about the IANS CISO Impact Diagnostic tools can be found here: https://diagnostics.iansresearch.com
IANS Chief Research Officer Stan Dolberg, formerly Forrester Research’s chief research officer, will join Gardner at the RSA Conference. Both are available for comment at the event.
About IANS
IANS is the leading provider of in-depth security insights and decision support delivered through research, community, and consulting. Fueled by interactions among IANS Faculty and information security practitioners, IANS’ experience-driven advice helps IT security, risk management, and compliance executives make better, faster technical and managerial decisions.
IANS was founded in 2001 as the Institute for Applied Network Security. Inspired by the Harvard Business School experience of interactive discussions driving collective insights, IANS adapted that format to fit the needs of the information security community.
Catherine Riggi, IANS, 617.948.5714, [email protected]
Steve Friedberg, MMI Communications, 610.518.7474, [email protected]





