We in the security community tend to look at the world through a series of segments - network security, endpoint security, analytics, identity management, risk management, etc. Okay but the CISO sits at the top of the organization and has to deal with the whole enchilada. When you look at enterprise security in total, it is a pretty ugly situation with all kinds of things breaking down simultaneously.
So what can CISOs to fix things across people, processes, and technology at the same time? Many simply throw up their hands and turn to security services. This trend will continue and increase. Enterprises could hire an army of CISSPs but cybersecurity experts are in short supply and few companies can throw around this kind of money.
This leave only one other alternative: Work smarter, not harder. In other words, find ways to make the security infrastructure more effective and personnel more efficient. When CISOs come to this epiphany they will realize that they need a new enterprise-class security technology architecture to make this happen.
This is where we are headed - sooner than most people think.
Sign up for CIO Asia eNewsletters.