Managing information and cyber risks is now a topic of discussion at the most senior levels of organizations. Information security concerns now sit alongside challenges such as battling with complexity, controlling costs, supporting the business technology (BT) agenda, and executing business strategy. While this trend is giving CISOs their long-desired opportunity to interact with high-level business decision-makers, it also requires that CISOs realign their priorities and build new skills — that is, if they want to remain in their jobs. This report highlights the dramatic changes occurring in the business world generally, and the information security function specifically, and what all this means for the career paths of security and risk (S&R) professionals moving forward.