DON’T LOOK NOW, but your security staff may be taking a powder.

Security professionals are set to move beyond IT director control in future, as they take a more proactive approach in order to secure their organizations, according to a study from the Information Security Forum (ISF), an international organization dedicated to benchmarking and best practices in information security.

“Currently less than three out of ten information security professionals believe they are focused on delivering solutions to the business. In the future, we predict six or seven out of ten will be focused on delivering solutions [to the business],” said Adrian Davis, ISF’s senior research consultant and the report’s author.

This means that skills will need to change, and how security interacts with business will change, according to Davis.

“Currently, five out of ten security professionals report to the IT director. But less than a fifth will do so in future,” he said.

Davis pointed out that there is currently a large increase in information security professionals reporting to non-IT people such as chief risk officers, chief security officers and chief operation officers.