As business changes, so does – or so should – security. The direction of business can have significant consequences for security, both internally – in terms of influence, funding and organizational structure – and externally – in new threats, new risk, new mitigation requirements.
Are you watching business trends and thinking about how they should impact security and your strategies to mitigate risk?
Though we deal with risk everyday, there is one risk that rarely makes it into our risk management plans – a change in organizational leadership. Whether the result of an internal structural shift, an external hiring decision or a merger/acquisition, a change in leadership and reporting can signal a challenging time for security.
A security manager visiting a company manufacturing floor noticed a curtain hung around a work area. He asked if proprietary work was being done behind the curtain. “No,” he was told, “that’s just how we deal with Bill.” Bill had long, loud, demonstrative conversations with God while he worked on the floor, so they’d put up the curtain to shield the other employees from his disturbing behavior.
Global Security Operations Centers (GSOCs) are a valued necessity to support an enterprise’s global business goals and operations today, but building one requires buy-in, organization and insight from the enterprise’s internal and external customers, including its GSOC operators.