Security Learns to Measure Twice, Cut Once
Providing “security” expertly, seamlessly, constantly and consistently is expected. The C-suite considers operational excellence so, well, yesterday. That has become the easy part of the job. Managing security is the road to success (or to avoid dismissal). And as I paraphrased CFOs everywhere in the first Security 500 Report in 2006: “If you can’t measure it, you can’t manage it.” But with programs like the Security 500, we are making great progress at addressing the business and economic impact of security programs and the value they create for their organizations.
Among the best leaders, thinkers and measurers in our midst is John McClurg, vice president and CSO of Honeywell’s Global Security Organization. John is in this month's feature story, New Math: Security Means Business Performance, with other security executives, and was among our first profiles in the 2007 Security 500 Report. He also keynoted the Security 500 Conference in November 2008. A week later, he was among the few CSOs available for press interviews at OSAC.
John’s keynote presentation was outstanding and powerful. It documented his management expertise and leadership skills, as well as his global security operational knowledge. And it was full of the methods and tools used at Honeywell, with board-level buy-in, to document the value of their security programs.
This month, Bill Zalud collaborates with John and other thought leaders on how security is being measured, valued and viewed among both security professionals and the organizational leaders they report to and depend upon for budget approval. In the article, John points out that metrics, performance measurement and benchmarking are not new. “They are ways to relate to the business,” he says. “And today, it’s the perfect method to show your indispensability to the enterprise.” For David Axt, in charge of security at Xcel Energy’s Prairie Island Nuclear Generating Plant, external measurements (OSHA, DOE, Nuclear Regulatory Commission, among others) must meld with internal metrics. In addition to customer satisfaction measures, Mike Cummings, director, loss prevention services at Aurora Health Care, observes that “relative to ‘activity’ or productivity performance, we use activity tracking software whereby we simply count the numbers of each service task that we do so that we can see empirically measure ourselves.” Check out this valuable cover story.
2009 Security 500 Survey and Benchmarking Report – Please Complete by 8/17
Among the leading efforts in our industry to help you identify how your program compares to others in your market sector is the Security 500 Report. Now in its fourth year, the survey has been updated and is available online for you at: www.sec500.com/survey
The purpose of this program is to provide a resource for your organization to compare with others through a benchmarking program. The report will enable you to answer the question, “Where Do I Stand?” as a basis of an ongoing peer review process.
As a participant, you will receive a detailed report containing metrics within your particular market sector. The published report in our November issue will not disclose your specific data.
- Metrics only you receive will include:
- Security Spending/Employee
- Number of IT Security Staff/Dollar Amount of Revenue
- Number of Security Officers/Employee
- Security Spending/Revenue
- Number of Security Officers/Square Footage of Facilities
- Keynote: Francis D'Addario
Former Security Director for Starbucks and Faculty, Security Executive Council
- Michael Balboni
Principal - Navigators Global
- Steve Lindsey
Director of Security Services – Walmart Stores Inc.