Concur, also from inside the industry. The reality is that almost every C-Suite executive I talk to sees security as a cost center, and rolls it (and IT even) into the CFO, or the COO.
We focus on helping an organization make security an enabler. Yet even those customers who get it - really only care when there's a breach, or if someone's bacon has seriously been saved.
Suffice it to say, I find the industry troubling, to say the least.
Agreed. If you boil it all down, the only things that are "profit centers" are either Marketing or Sales. Everything else is a cost.
When a company I work for begins putting its employees into boxes like that, I look for a quick exit. It's only a matter of time before the C-level staff start reducing those "cost-centers" to a few overworked, underpaid staff.
We focus on helping an organization make security an enabler. Yet even those customers who get it - really only care when there's a breach, or if someone's bacon has seriously been saved.
Suffice it to say, I find the industry troubling, to say the least.