Enterprise security directors are stepping into the spotlight as their unique sets of silo-crossing skills position them for company-wide leadership. In Security magazine’s annual Security 500 Report, learn the top 10 trends that enterprise security leaders are facing this year, gather sector and issue-specific metrics to enhance your in-house reporting, determine which companies are leading the pack in your sector, and build your case to become the enterprise’s next go-to executive resource.
It’s not just the resiliency of the citizens of New Orleans that has earned the right to be celebrated this hurricane season. Businesses should also be celebrated for their resiliency. I recently spoke with executives from Cooperative Processing Resources (CPR) and LifeShare Blood Centers about the ways they avoided severe downtime during Hurricane Katrina, and bounced back as even more resilient organizations.
With cyberattacks making headlines almost on a daily basis, the role of the chief risk officer (CRO) is important now more than ever before. In addition to analyzing, monitoring, predicting, mitigating and evaluating many types of risks and conditions, chief risk officers (CRO) are held responsible for ensuring compliance to rapidly evolving industry regulations and analyzing IT operations to prevent data leakage.
Over the past few months, airport security hasn’t exactly made good headlines. Except for Miami International Airport. Unlike other airports across the U.S., Miami International Airport screens all employees that enter and exit the secured area of the airport. Miami has four checkpoints for employee screening, seven access gates for inspections of vehicles entering into the airfield, random background checks of employees and a mandatory security awareness class. Last year, the airport confiscated 209 employee ID badges for security violations. The airport has nearly 38,000 employees with ID badges, and 35,000 who have access to restricted areas. I spoke with Lauren Stover, Director of Public Safety and Security at Miami-Dade Aviation Department at the Miami International Airport (MIA) about the proactive stance that she and her team take each day.
Congratulations, security executives, soon you will officially be the “corporate rock-star.” That’s according to one industry analyst, Ted Schlein, who is also a general partner at Kleiner Perkins Caufield & Byers. In the article, “The Rise of the Chief Security Officer: What It Means for Corporations and Customers,” published by Forbes, Schlein wrote: “For business leaders today, no task is more important than ensuring confidence and trust in the organizations they lead. The boardroom has woken up to the importance of security – and to the enormity of what it will take to protect company and consumer data from attacks.”
As far too many companies victimized by data breaches can attest, we are in a “blame the victim” environment, where the breach victim is treated like an accessory to the crime. Time and time again, Congress, regulators, the courts and the media treat victim companies as if they are guilty until proven innocent, or rather “negligent until proven reasonable.”
In early April, Wall Street’s oversight committee announced that bank’s oversight of cybersecurity measures at outside firms it does business with remains a work in progress, at best. It cited a survey of 40 banks that found that only about a third require their outside vendors to notify them of any breach to their own networks, which could in turn compromise confidential information of the bank and its customers.
What does leadership mean to you? We all have our own ideas about what it means to be a good leader. For example, some people think leadership means guiding others to complete a particular task, while others believe it means motivating the members of your team to be their best selves. But while the definitions may vary, the general sentiments remain the same: leaders are people who know how to achieve goals and inspire people along the way.
For the next generation of enterprise security leaders, is there a clear path forward to success? Enterprise security leaders discuss mentorships, education, certifications and the skills new CSOs and CISOs will need to succeed in their evolving roles and bring value to the business. But the problem is: with existing security leadership roles varying so widely, is the development of a uniform skill set even possible?