Here's a part of it that should spur you to read the rest:
New security audiences, from general managers to contract attorneys, from entry-level programmers to boards of directors, are becoming engaged and involved in the definition and execution of what formerly was a purely technical and parochial security domain. The financial health and well-being of enterprises is now much more directly impacted by security concerns, and so security responsibilities and decision-making are becoming more strategic.
The security leaders that will thrive will be those who can communicate the need for real change into a language understood outside of the technologists' circle. In a recent study by IBM's Center for Applied Insights, roughly 25 percent of CISOs and security leaders already find themselves in this position, strategically advising and executing according to direction and priorities set with their organization's executives.And that IBM study is cross sector; the percentage of strategically empowered electric power industry empowered as described is non zero, but vanishingly small.
Overall, Jack's points align well with my / our ongoing Security Governance campaign to have more critical infrastructure companies appoint executive level security leadership with enterprise-wide authority and CEO and BoD backing.
Here's the whole piece for you.