Chief information security officers (CISOs) face a number of specific challenges in 2013.

IDC has released its top 10 predictions for CISOs, as follows:

* CISOs agree with C-suite about BYOD security policies;

* CISOs focus social networking activities on customer experience, brand identity, return on value and security;

* CISOs respond to redundant, siloed GRC implementations by building WW frameworks;

* CISOs realise big data and analytics risks;

* CISOs enable, not obstruct, innovation;

* CISOs respond to demands that security becomes a “predictable operational expense”;

* CISOs move “Internet of things” from incidental to important;

* CISOs wrestle with virtual data centre security that is cloud dispersed;

* CISOs resolve problems with “tower of crypto-Babel”; and

* CISOs push back on “new normal” of inevitable breaches.

“This year, we predict CISOs will arrive at a BYOD security policy that strikes a balance between user convenience, business unit innovation, and risk management of corporate assets,” says Christian Christiansen, security products and services programme VP at IDC.