As we are all aware, there has been a rash of reported privacy breaches recently. This likely is because not only is our enterprise data more transient and mobile, but we are having increasing difficulty controlling where that data goes and what controls, if any, go with that data. And that assumes that we actually know where our data is, and who is doing what with it. The sad truth: information security professionals often do not know the location of their enterprises' data.
The responsibilities of the chief security officer keep growing. Years ago, personnel in the position fulfilled a very technical role and didn't have to really interact with the suits. However, over the years the role has changed. Today the CSO is responsible for a variety of very technical programs, such as intrusion detection, as well as some very non-technical programs, such as business continuity planning (BCP).