With regulations such as Sarbanes-Oxley and HIPAA, and a seemingly endless stream of cyberthreats and vulnerabilities to worry about, CISOs are under more pressure than ever. This is something Jay Taylor understands. As the general director of information technology audit at General Motors, he works closely with the company's security team and knows all too well how much security officers have on their plates these days. "They've got so much responsibility. It's so broad. They have all these suppliers coming at them with supposedly great ideas for technologies, while they are also under pressure from operating management and their own IT department management to reduce costs and deliver results," he says. "Now the board of directors is asking CIOs and CISOs to attend audit committee meetings and talk about what they are doing to manage information security risk."
展开▼