Chief Security Officers (CSOs), Chief Information Security Officers (CISOs), and Chief Information Officers (CIOs) play pivotal roles in steering organisations toward resilience. Up until recently, they were mostly technical roles responsible for protecting organisations from either physical or cyber threats. This has changed.
Many security pioneers are becoming involved in the key business operations and aligning security and technology policy with overall business objectives. Security executives are playing a more critical role at the C-level.
Shift to AI
Yet recent data from Brivo shows that limited budgets and lack of authority may still hinder the C-level security pioneers' full potential. At the same time, a huge shift is occurring. Artificial Intelligence (AI) promises change in everything from biometrics to proactive security models.
But given the risk that comes with change, security officers have a responsibility to ensure AI is only used within safe parameters in their organisations. This technology is set to seriously disrupt security, and the pioneers in charge of it.
The rising importance of security officers in business policy
Brivo's recent study Top Global Security Trends for 2024 found that nearly three-quarters of security professionals recognise CSOs have had a more important role in recent years. This recognition is likely a result of various factors:
- Seismic shifts induced by events like the COVID-19 pandemic.
- Significant job cuts and resignations following the pandemic and the subsequent recession in some parts of the world.
- The escalating threat landscape, including nation-state attacks.
Mobile device policies
Collaboration between HR and security departments is arguably one of the most important
There are also signs of growing collaboration between Security Officers and other parts of their organisation. 82% agreed HR and security are more closely aligned on mobile device policies than they were three years ago.
The trend is similar for alignment on workspace management (79%) and creating a culture of security awareness (79%). Collaboration between these two departments is arguably one of the most important for securing a business.
Controlling workplace access
For example, successfully controlling workplace access requires security teams to work closely with HR so they’re aware of anyone who has left the business.
Their access must be revoked, effective immediately. The same applies to providing immediate access to new starters for a smooth transition into the business. Employee experience falters and risk increases significantly if these teams aren’t communicating.
Current challenges
It also discovered CSOs are typically only responsible for 42% of an organisation’s security budget
Yet there is still work to be done. HR and security are a great example of collaborative working, but the rest of the organisation is still playing catch-up. The report found that 46% of security professionals see the lack of alignment between security and other departments as a barrier to the adoption of new physical security technology.
It also discovered CSOs are typically only responsible for 42% of an organisation’s security budget. They are more likely to be part of the team making security procurement decisions than the ultimate decision-maker. This raises an important question: can CSOs truly be effective without more control over resources and decisions?
The dawn of AI
AI is both a threat and a useful tool for the security industry. Planning budgets and fully understanding the potential of this technology will be crucial for organisations to benefit from AI as soon as possible.
This won’t be possible if CSOs do not have a credible seat at the table and the power to make decisions about how AI is used.
Top four challenges
Take the industry’s biggest AI concerns as proof that Security Officers are vital to aligning policy and managing risk. The top four challenges for adoption according to security professionals are seen as:
- Lack of budget.
- Cost of maintaining AI.
- Risk around inputting data into AI models.
- Limited AI expertise.
Investment in training
Investment in training around AI to build up expertise needs to be a top consideration and driven by both departments
It’s clear security teams need reassurance that the right investment is made, and there is dedication to maintaining this evolving technology safely. Security teams need to be sure that their Security Officer is a key decision-maker so that risks are understood and accounted for.
Again, HR and security collaboration is a must. Investment in training around AI to build up expertise needs to be a top consideration and driven by both departments.
AI and automation investment
The good news is that significant budgets have already been put aside for AI. In the UK over a quarter (27%) of enterprises with over a thousand employees expect to invest between £1m and £5m in AI and automation over the next three years.
It’s up to organisations to make sure their CSO wields control over more than just a fraction of this budget.
Path to improved security
While budget constraints and silos continue to stand in the way of CSO success, it’s clear that users are on the path to greater authority for security pioneers, with support and collaboration from other teams.
This will undoubtedly lead to improved security for those organisations that can better navigate the complexities of tomorrow’s disruptive technologies.