Information security has evolved in the past 10 years from a siloed, uber-secret endeavor to an accepted enterprise business practice. With that evolution, most security practitioners understand that information security and its underlying constructs must be integrated into the business. But the overuse of fear, uncertainty and doubt (FUD), compliance edicts and the wily hacker have undermined the positive impact of information security to the business. In turn, the longevity of some leaders' tenure is also in jeopardy when they are perceived as the local bailiwick rather than a respected and contributing business professional.