Security Team Management: Top 4 Findings From Discussions With CISOs
CIO, Thursday, August 22nd, 2024
What does a "security team" look like, exactly? We talked to CISOs to find out. Our discovery process yielded some interesting findings about the number of teams at each organization, their focus, how new teams are created, and reporting structure.
Most large businesses have a security team. But what, exactly, does that security team look like? How is it structured? To whom do its members report? And is it optimized in each of these respects to maximize the organization's security posture?
Those were among the questions that IDC recently asked a variety of enterprise security leaders as part of a project to understand approaches to organizing security functions today. What we found was a bit surprising in some ways.
We learned, for example, that very few organizations have just a single security team. Most have several. We also discovered a variety of approaches to organizing reporting structures for security functions.