Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Enterprise Services

Drive Down Risk by Leveraging Compliance

By Luis Ramos
Exclusives Feature Image
March 27, 2012

leverage_enewsIt’s a scary world out there. Hackers stalk your networks just waiting to access your data. Identity thieves are busily scheming how to take over your assets. Fraudsters look for ways to take advantage of your good graces for personal gain. Maybe you have total confidence in your information security efforts because your IT team is well-versed at protecting networks and data assets. But what about the business processes themselves, or the people responsible for the day-to-day operations of those processes?

Corporate security is an essential part of any organization, but all too often the role of security has remained overly focused in information technology. In essence, it’s been about creating a sturdier door with a more pickproof lock. But that’s changing. Today, security leaders are being called upon to not only manage protection and mitigate the consequences of risk, but also to proactively identify potential risks and to become better aligned with the organization’s values and ethics-based objectives.

Security policies are not at fault, nor do data protection protocols lack in scope. All things considered, security measures are more efficient than ever before. But the malfeasants have also become savvier in their efforts. A recent KPMG study, “Who is the Typical Fraudster?,” found that for more than one in ten fraud events, fraud was committed by individuals who colluded to circumvent otherwise good anti-fraud control measures – almost double the number reported just five years ago.

Corporate initiatives that are integrated enterprise-wide at the various touch-points along the compliance lifecycle serve to connect risk management activities with security’s role as the corporate guardian. Such an approach serves to strengthen an organization’s collective security posture and enables it to minimize the potential for fraudulent or unsafe activities, thus guarding against risk. This integrated approach to governance, risk and compliance (GRC) works in conjunction with existing data protection and security measures to align policies and standards of behavior (e.g., code of conduct) with the ability to monitor and track components such as training, policy violations, issue management and corrective action activities.

Traditionally, risk management has been more aligned with the finance and audit functions and separated from compliance activities. As a result, resources are often duplicated and compliance data is siloed according to the particular segment of the business. This creates an environment where risk is more difficult to detect and correct. Risk management that is more business-driven and values-based requires that the security and compliance functions seek common ground in a collaborative effort to both reduce and manage risk.

While the chief security officer (CSO) is responsible for digital security and the safety of employees, facilities and assets, the chief compliance officer (CCO) is responsible for implementing policies and procedures that are in sync with the organization’s values and risk tolerances. It is the CCO’s responsibility to ensure the company is compliant with all necessary laws and regulations and kept aware of any regulatory changes.

When changes do occur, the CSO and CCO must:

  • Adjust corporate policies and procedures accordingly and communicate those changes to every employee
  • See eye to eye and work to understand each other’s priorities and capabilities
  • Come to rely on one another to maintain a secure and compliant organizational structure

Teamwork in this department is entirely necessary for survival. Just as technology has led to improved security measures, Web-based technologies are evolving to drive business process improvements for compliance. These technologies automate the process of detecting security threats posed by people and the processes they use rather than by networks and data assets. When combined with traditional security tools, these new compliance technologies provide an additional layer of protection and greater actionability. By getting ahead of baseline, required compliance, CSOs and CCOs can create compliance processes uniquely tailored to their environment and help to secure business against opportunistic, creative thieves.

Security and compliance leaders face a common foe – risk – and everyone can agree that managing risk in an organization is essential for sustained growth. By giving credence to compliance initiatives, organizations provide their employees a better sense of confidence in the security tools being used and the rationale behind them. Leveraging an integrated GRC initiative better positions the enterprise to minimize fraudulent behavior and protect assets and reputations as they guard against risk.

KEYWORDS: leverage Security security compliance security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Luis Ramos is the CEO of The Network, a leading provider of integrated governance, risk and compliance (GRC) solutions that help organizations mitigate risk, achieve compliance and ultimately, create better, more ethical workplaces. Luis has more than twenty years of experience in risk management and compliance, and his thought leadership has been featured in publications including National Underwriter Magazine, Risk Management Magazine, Loss Prevention and Ethikos.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Coding

AI Emerges as the Top Concern for Security Leaders

Person working on laptop

Governance in the Age of Citizen Developers and AI

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

patient at healthcare reception desk

Almost Half of Healthcare Breaches Involved Microsoft 365

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Open laptop with black screen and text

    Leveraging holistic GRC for compliance and audit preparation

    See More
  • collage

    Leveraging non-traditional experience to drive your security career

    See More
  • Ethics and Compliance Training Top 3 Challenges

    Ethics and Compliance Training Remains a Challenge from the Boardroom Down

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing