Establishing command and control gives the power to professionals so they can properly assess the risks and determine which threats pose the greatest danger and must be considered a high security priority. Authority also requires that they identify potential threats that may be considered “acceptable risks” to the organization – meaning they are worth keeping an eye on, but don’t warrant a significant security investment.
For a long time, security was its own entity in the IT infrastructure. Security and IT didn’t always see eye to eye, and there were often points of contention. Nowadays, as collaboration between the two has become more common, both IT and security are combining forces to better understand the risks and threats to the enterprise.
Schools, businesses and enterprises across the world have experienced a paradigm shift since the terrorist attacks on Paris and Belgium. As active shooters and terrorists get more creative in choosing and evaluating softer targets, security leaders are striving to keep their enterprises safe and alert without damaging the culture.