Trends Column / Security Leadership and Management

What keeps CEOs Up At Night?

What can CSOs learn from a CEO’s perspective on risk?

August 1, 2013

To get a 20,000-foot CEO view of global risk, the Lloyd’s Risk Index provides a good lens. This year’s global survey polled 588 C-Suite and board level executives from both larger and smaller businesses (mostly smaller) and included a broad, global participation base. 

Exciting (as much as insurance can be considered so) is that the survey asked about 50 risks across five categories, including security:

  • Business and strategic risk.
  • Economic, regulatory and market risk.
  • Political, crime and security risk.
  • Environmental and health risk.
  • Natural hazard risk.

More exciting…the survey also asked, “How prepared are you to manage these risks” and then had the respondents prioritize them.

While there are many textbooks on the best ways to identify, manage and mitigate risks, knowing what the boss is thinking provides valuable insider information. When asked the question “Are you better prepared to manage business risks than two years ago?,” 45 percent of respondents  indicated their organization is more prepared now than in 2011. But in 2011, 70 percent of respondents indicated they were more prepared than in 2009. And 6 percent say they are less prepared, which is double the 2011 level of 3 percent.

One reason for this result, according to the survey, is what Lloyd’s refers to as “a clear divide” of risk management between larger and smaller enterprises, as well as enterprises that operate in established versus emerging economies. The study concludes:


Larger companies in faster growing markets are following the evolution of their peers in established markets, recognising the heightened priority of business risks and their relative lack of preparedness to deal with them. Larger companies in established markets are moving increasingly towards a ‘more prepared than prioritised’ position. They have recognised their vulnerability to risk, made it a greater priority and invested in more comprehensive risk transfer (insurance) and risk management (mitigation) measures.


The survey also offers a historical perspective. Specifically, the graphic summary of 2013 versus 2011 results is informative. Examples of changes in risk priorities include the decline in concern over talent shortages and brand reputation, while cyber crime has soared toward the top of concerns. Regulatory compliance has risen, as well.

These results are in line with the Security 500 Benchmark report that has also witnessed an increase in cyber security and regulatory concerns as perennial top 10 issues among the reasons that CSOs lose sleep. Similarly, talent management and brand reputation have slipped in both survey results.

Because the survey is global, you can gain a regional perspective on business risks. For example, cyber security ranked second in North America and fourth in Latin America. Fraud/Corruption ranked fifth in Latin America. Only strict legislation/regulation ranked as a top five business risk in Europe, which did not include cyber. In the Asia-Pacific region, none of the top five risks were related to security or crime.

As we close out the 2013 Security 500 Survey and anticipate the Security 500 report, due out on November 1st, the Lloyd's Risk Index offers a different strategic view.  

Securitywill donate $.50 to the National Law Enforcement Officers Memorial Fund for every renewal/new subscription from our Summer of 2013 Renewathon. 

Did you enjoy this article? Click here to subscribe to Security Magazine. 

You must login or register in order to post a comment.



Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.


Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

Security magazine March 2015 issue cover

2015 March

In this March 2015 issue of Security check out our product preview of ISC West 2015. Also, learn how to make the best use of your security technology by working with your security integrator, get info on penetration testing, and discover how white glove security can enhance bottom line real estate value.

Table Of Contents Subscribe

Body Cameras on Security Officers

Body cameras are being used increasingly by police in cities across the U.S. Will you arm your security officers with a body camera?
View Results Poll Archive


Effective Security Management, 5th Edition.jpg
Effective Security Management, 5th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.


Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.