Articles by Lynn Mattice

Does Pre-Employment Vetting Bring an Enterprise More Value or Liability?

Does your organization have an active program that conducts reference checking on employees before they are hired? Ownership of the pre-employment vetting process does not often reside with the security function within the organization. Some companies outsource background checks to third party organizations to share the task. Many of these policies are impacted by legislation, and limitations can be imposed on the use of various vetting methods.


Read More

Balancing the First Amendment with Brand Reputation after Breaches

Over the last several years, it has become commonplace for the media to publish information based on electronic materials that have been removed or copied either by organizational insiders and/or external people or groups. The publication of this type of material has impacted individuals, public and private organizations and various government agencies. While it is important for a free society to have the benefits of a free press serving as one of the checks and balances to protect citizens from abusive practices, we may have reached a point where we should re-examine how this is practiced. Are our criminal and civil statues effective on these issues?


Read More

Security Succession Planning for CSOs

You have been with your current organization for more than 10 years leading the corporate security function, having conceived and built the program, hired staff around the world and integrated the department to being a trusted advisor to senior management. Since this is your second career, you are now reaching a point that you would like to retire and pursue other passions and personal interests. After sitting down and discussing this with your boss, you realize that he or she and the management team are concerned about the lack of a succession plan for your replacement. Their position is: While your second level staff is very good operationally, they are not under serious consideration for your role, and HR will be looking outside the company for your replacement.


Read More

7 Pitfalls in Career Transistioning

 At some point during your working life, you will find yourself looking for a new job. There are a wide range of circumstances that may bring you to that point, ranging from retiring from public or military service; corporate reorganizations and/or leadership changes; you’re terminated; you resign; the location at which you work is destroyed; your company collapses financially; or you just want to advance your career in a new environment. While each of these circumstances may influence how you will position yourself during the job search, there are a number of common factors that place immense stress on an already difficult process.  


Read More

How Much Do Certifications Help Your Career?

 Afew years ago we published an article on security related certifications that were being marketed as a means to advance your career. At that time there were a relatively small number of certifications that we were seeing listed on resumes. Today, we are still routinely asked which certifications are needed for career advancement or which ones are being requested by hiring managers. Frankly, unless the role has a specific requirement that connects to one of the more technical certifications, for the most part, the hiring authorities are not demanding them.  


Read More

Who is Facilitating Insider Threats?

Are enterprises in an impossible situation when it comes to dealing with insider threats?

While legislators have passed a multitude of statutes to aid in the protection of our economic interests pertaining to data systems – non-physical assets and privacy – frequently any course of action is still determined by the concept of monetary loss and treated as if someone was stealing or damaging physical assets, or as in the case of the Stored Communications Act (SCA), creating a statue that has been described as dense and confusing to even legal scholars.


Read More

Managing Risk Across the Enterprise

The key to the risk-based security program is that no matter what issue you examine, every one of them affects the reputation of the enterprise in one manner or another.

Once the risk matrix has been populated, management must then prioritize the risks and determine which are the most critical to the viability, survivability and resilience of the enterprise. When that prioritization has been completed, various functions within the organization can be tasked to design the appropriate solution for the risk involved.


Read More

Controlling Brand Risk

How the market perceives a company and its brand(s) ultimately dictates success or failure.

Constant vigilance in the marketplace is vital to understanding, responding to and mitigating incidents that can have a devastating impact on your enterprise’s brand and reputation.


Read More

How to Add Resiliency to Your Risk Management Strategy

The latest buzzword these days is “Resiliency,” which for all intents and purposes is really nothing more than a new term for business continuity planning (BCP) in the private sector and continuity of operations planning (COP) in the public sector.

Probably the most important first step an organization should take in developing their BCP/COP program is to conduct an inventory of all of the enterprise’s processes, assets and resources (PAR). No one has the time or resources to boil the ocean, so once the inventory has been completed, the next step involves prioritizing the PAR list from the most critical to the least important.


Read More

Multimedia

Videos

Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.

Podcasts

Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

April 2015 security magazine cover

2015 April

In this April 2015 issue of Security, find out how to keep your enterprise resilient after a disaster in 2015. Also discover how to strike a balance between design basis threats and active shooter threats and see what's in store for the 2015 RSA Conference.

Table Of Contents Subscribe

Body Cameras on Security Officers

Body cameras are being used increasingly by police in cities across the U.S. Will you arm your security officers with a body camera?
View Results Poll Archive

THE SECURITY STORE

Effective Security Management, 5th Edition.jpg
Effective Security Management, 5th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

STAY CONNECTED

Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.