Jacob D. Maenner, Sr., PSPSecurity Leader
In a world where technology is a part of everything we do and that being quite true in the security industry as well, I am curious to learn some perspectives of other professionals. It seems to me that the overlap between traditional security responsibilities and those of IT professionals is becoming larger day by day. I'd like to learn what others have to offer about this, especially considering some of these thoughts:
- In general, do people view security functions subordinate to IT functions? Vice versa? Neither?
- Considering budgetary and systems implementation decisions, would the IT Director have more influence than the Security Director?
- In my experience, it seems as though IT practitioners, because of the nature of the work, must have basic technical security principles at the ready even at the most entry level position, and that entry level security professionals do not necessarily require the technical background. Are those coming through the security ranks at a career-type disadvantage down the road?
- Can someone with an IT security background transition into the CSO position more easily than someone with the background heavy in physical security? What differences would one identify between the CSO, CIO, and CISO professionals' careers?
Insights on these and other related thoughts are greatly appreciated. No particular reason for this discussion, other than my own processing of various pieces of information I have received in recent months.