Why Read This
CISOs should be constantly evaluating the structure and make-up of their organization to make sure it aligns with business needs. Your staff and your reporting structure will determine whether you simply meet traditional expectations of protecting information technology assets or pursue modern expectations of managing risk in support of business performance. If security leaders hope to keep abreast of the evolving threat landscape in a market with more staffing demand than supply, it's essential that they find creative ways to source the staff they require and develop the skills of existing team members. This report explains how to evaluate the structure of your organization to make sure it can meet business demand and how to staff your organization to assure best performance. This is an update of a previously published report; Forrester reviews and updates it periodically for continued relevance and accuracy.