|
As we begin this 21st century, an ISSO faces many more challenges than existed only a decade ago. The environment is faster, more technical, and much more challenging. The 21st-century ISSO must understand the global marketplace and the company's business environment much more than was necessary only a decade or so ago:
ISSOs must understand their company's business, including its history, products, competition, plans, costs, and product value.
ISSOs must understand business, management, and how to communicate with management in management's language—not in "computerese"!
ISSOs must document major InfoSec decisions to provide a historical file that can be used in the future when considering similar situations.
ISSOs must also think and act as business managers of the company.
ISSOs must be service and support oriented.
Company managers must understand their assets protection responsibilities. That is especially important today, when information protection and crime prevention should be a major responsibility of every company manager. For it is only with that understanding, support, and action that companies can respond to attacks against them from competitors, nation-states, and techno-spies.
|