And in addition to security, executives must become more proficient in data-privacy matters. "There will be more interaction between privacy and security," says Jason Taule, chief security and privacy officer at FEI Systems, a provider of information and analytics services for government entities dealing with behavioral and mental healthcare. Personal and professional information are getting harder to separate as more and more companies start using social media and big data. That blending will create tension that could lead to more legal actions, he says.
Companies will need to someone in the role of chief privacy officer, and this person should probably be the same as the top security officer, Taule says, because guarding privacy--whether it's that of employees or customers--is so closely linked to protecting data.
"I do think the security officer's job will become increasingly about privacy because we need to ensure the actions we take do not infringe on the rights of data owners, especially when the data in question has been entrusted to us for safekeeping," Taule says. "Privacy is just another question of risk. And the security officer's job is about managing different kinds of risks."
Changing roles within security departments
New security job functions will emerge in the coming years as organizations place greater emphasis on areas such as cloud computing, mobile technology and big data.
"As more infrastructure and solutions move to the cloud, job functions required to manage this will be different then what we traditionally have seen," Greenberg says. "More project -managers will need to be hired at companies as more security jobs migrate to the cloud."
"We will see cool new names like data security scientist and cloud control engineer or analyst," Cloutier says. "But we need to define what these functions mean, prioritize them and start finding people" to fill these roles.
In some cases, companies will opt to convert existing positions into these new functions, Cloutier says. For example, they might retrain a firewall technician to be a cloud control engineer.
Some observers expect to see a dramatic shift in the role of the security department itself and its relationship with other functions.
"We will see corporate security become a merger between IT security, [human resources] security, facilities security and operational security," says Michael Daly, director of IT security services and deputy CISO at technology giant Raytheon.
"And these will be part of a larger shared services function at the corporate level, supporting all of the company's businesses," Daly says.
"This is driven by cost and efficiency, but also by the convergence of -technologies that support these functions as well as the leverage gained by business analytics built from their converged data systems."
Sign up for MIS Asia eNewsletters.