2012 Security 500 Leader Profiles

Duane RitterDuane Ritter, Vice President, Corporate Security


The Multi-Tasker


“Last monthin Las Vegas, I hosted a conference for the CSOs of the largest multiple cable systems in the U.S. While our companies compete in many areas of the country, in certain areas we do not. We all face the same security threats. By sharing information and discussing how to eliminate vulnerabilities, all of our stakeholders benefit and are more secure,” shares Duane Ritter, Vice President, Corporate Security for Cox Enterprises, who contributes to both his company and the industry at large with great enthusiasm.

Cox Enterprises is a $15 billion dollar privately held diversified company that includes Cox Communications, the third-largest cable TV provider and one of the largest broadband communications companies in the U.S., Manheim, AutoTrader.com and Cox Media Group, an integrated broadcasting, publishing and digital media company.

“The security organization is structured to be the trusted advisor to our business units. Their goal and ours is the same; to create a safe and secure environment for employees, their important information and our infrastructure and facilities,” notes Ritter. Working across a diverse organization requires coordination. “We are currently consolidating disparate physical security systems. We have also taken on the challenge of standardizing our security practices across diverse organizations. But our greatest threat, like many other organizations, is cyber.”

Among other initiatives, the company is creating a comprehensive Cyber Crisis Management program. “We aligned it to our critical response program and it is based on data privacy breach notification requirements, and industry standards such as PCI DSS,” explains Ritter. The program has been well received and as a result, he will be briefing company leadership about the program.

Ritter and his team have also revamped their third party due diligence process for any organization or vendor that touches the company’s network or accesses non-public, sensitive business information. “We deliberately changed from an ad hoc to formal process with our business stakeholders. Our goal is to evaluate third-party risk to ensure their security controls are adequate during the duration of the contract. The question is simply, ‘Who are we doing business with and what is the relative risk the relationship poses to our organization?’ and by answering that question, we ensure adequate due diligence on our third-parties,” says Ritter.

Business resilience is another focus area at Cox. “Anticipating potential business interruptions and working to mitigate those threats from happening supports the business organizations to remain operational and reach their goals. Resilience and strategies and preparedness drills are critical for success. Accurate risk assessment and being prepared are the biggest contributions we can make to the organization and our people,” he shares.

Examples of the risk and security strategies include travel programs, mass notification and workforce protection. “During and after Katrina, employees were our top concern. We worked around the clock to contact them and ensure their safety. Since then, we’ve improved our technology and emergency systems, so we can support our employees at an even higher level in the event of a business disruption. We have a 24 hour watch center capable of supporting all of our employees worldwide,” explains Ritter.           

“Our leadership expects us to provide professional and consistent security to the business owners we serve. The Security Department has a role in recognizing risk, understanding the effects it has on the business and identifying the means to mitigate it. Collaboration among departments and the diverse business units we support is key to our success as well as emphasis we place on mutual respect. Cox expects us to have a broad range of quality services that support the corporation in addition to providing resolution to issues and/or incidents that enable business growth.”

Ritter notes how the entire security field has changed from a law enforcement response mentality to a business risk and prevention expectation and expertise. “This is no longer seen as a post retirement job after a law enforcement career. The change to corporate security can be a challenge for many with career government and/or law enforcement backgrounds. The entire security field has changed, requiring different types of education, maturity and leadership skills.”

Ritter enjoys the variety he experiences in his job. “There are so many fields to work in, from IT forensics to physical security to complex investigations and threat assessments. This is an exciting profession because there is always something different coming in the door. This is a job where if you expect to be successful you should check your ego at the door, communicate, interact and solve problems.” Having amassed a lot of experience and expertise, he is motivated by the very talented, young people in his department who have chosen security as a profession.

When not at work, Duane likes to spend time with family and friends. Originally from Nebraska, he likes hunting, the outdoors and of course Cornhusker football.

If Ritter were not a CSO, then he would have pursued a career in law.


Security Scorecard

•           Revenue/Budget: $ 15,000,000,000

•           Security Budget: Confidential

•           Critical Issues:

            –          Cyber Threats

            –          Consolidation of Disparate Physical Security Systems

            –           Emergency/Crisis Management Preparedness



Security Mission

•           Asset Protection/Loss Prevention

•           Brand/Product Protection

•           Business Continuity

•           Corporate Security

•           Cyber Security/IT Security

•           Disaster Recovery

•           Emergency Management/Crisis Management

•           Investigations

•           Physical Security/Facilities

•           Regulatory Compliance

•           Risk Management

•           Workforce/Executive/Personnel Protection

Did you enjoy this article? Click here to subscribe to Security Magazine. 

You must login or register in order to post a comment.



Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.


Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

Security June 2015 issue cover

2015 June

In this June 2015 issue of SecurityIs the security director business’s new “corporate rock star?” Find out how CSOs can become the new leaders of their enterprises through mentorships, partnerships and creatively adding business value. Also, learn how security professionals are training employees in cyber security through games. And why are deterrence and detection so important when it comes to thwarting metal thieves? Find out in this issue.

Table Of Contents Subscribe

Body Cameras on Security Officers

Body cameras are being used increasingly by police in cities across the U.S. Will you arm your security officers with a body camera?
View Results Poll Archive


Effective Security Management, 5th Edition.jpg
Effective Security Management, 5th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.


Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.