I came across an old entry today on CSOonline.com. It is dated 2002. It's titled “The Top Five Concerns for a CSO” and lists what, at the time, were the five areas of focus for security leadership.
From the article:
Control to the enterprise and basic functions of the enterprise should be high on your list.
Consider information as well as operations. Protecting them is your raison d'être.
3. Employee mobility
Think about how assets can be moved around.
4. Human capital
Pay attention to the telltale signs that could predict an employee threat.
You need to make employees feel safe without going overboard. Knee-jerk reactions won't gain any ground or achieve a competent effect.
My take: It’s interesting that in all that has changed, in all of the advances we’ve witnessed in technology over the last decade, that the core concerns of a security leader still remain about the same. Sure, trends such as BYOD may have turned the concept of "employee mobility" on its ear, but the principal issue remains constant.
What would you change about this list? What would you add to it?