Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
ColumnsManagementPhysicalSecurity Talk ColumnSecurity Enterprise ServicesSecurity Leadership and ManagementSecurity & Business Resilience

Security Talk

4 security risk management tips for small to medium-sized organizations

By focusing on low-cost, high-impact initiatives, security management can build comprehensive programs with little resources.

By Maggie Shein
security talk
coins in jar

John_Brueske / iStock / Getty Images Plus via Getty Images

Duncan Turner

Duncan Turner

security talk
coins in jar
Duncan Turner
August 3, 2022

Building comprehensive security programs with little to no budget and little to no staff is a monumental task. But it’s not a “chicken or the egg” scenario. Security leaders tasked with building a security function, raising the profile of security within an organization, or tackling specific risks can implement low-cost, high-impact initiatives that will not only holistically elevate security’s position in the organization, but go a long way in increasing safety and security as well.

Before moving to Amazon Studios where Duncan Turner is Head of Physical Security Operations, Turner spent his career building security and risk mitigation programs at a number of organizations, including Walt Disney Studios, Snapchat and Hulu. At Hulu, Turner had his chance to practice and hone building security risk management programs in a sustainable, scalable way to achieve maximum impact with minimal resources.

The challenge for so many security managers struggling to build their security programs, he says, is that outsourcing is not typically the answer — at least not on a large scale because the cost is so high. And yet, there are so many programs to build, including threat identification, intelligence, investigations, executive protection, business continuity, emergency response, incident management, workplace violence, security awareness and many more. Of course, not all roles and responsibilities are applicable to individual organizations, but the point is — there are many shoes to fill.

Regardless of whether they have no team members or little budget, Turner says there are a number of practical steps and strategies security leaders can start with to build solid security programs.


1. Focus on policies.

One of the low-hanging fruits of building out a security function is focusing on policies: either creating or revamping them. “Policies cost nothing and can be a very high-impact way of introducing security to an organization,” Turner says.

For example, security management can work together with HR and legal to take a look at workplace violence or harassment policies and procedures. Mapping out policies, reporting, responses, and — perhaps most importantly — identifying the necessary stakeholders to be included in development, delegation and response is an inexpensive way for security teams to focus on risks and pain points within the enterprise.


2. Don’t forget training.

While security-related training can have a significant impact on an organization’s response and business continuity and resiliency, training can also be done with very little cost if managers are willing to think outside the box.

“Training is something you don’t necessarily need to outsource,” Turner says. For example, with solid relationships in place, local police departments or public agencies may allow security leaders or their team members to participate in planned annual trainings, such as active shooter or emergency response exercises. Some public agencies have outreach programs for which they do “train the trainer” sessions on particular topics. Security managers can identify and attend a targeted seminar or training session on a particular subject for minimal cost.

In any of these cases, security managers can then bring lessons learned and applicable materials back to their organization to train everyone else.


3. Be judicious with technology.

Technology can be a force multiplier for any security program, but security leaders with small budgets need to do their homework before selling such an investment to leadership. “Though technology may be one of your highest cost items, it can be easy to justify to leadership if you’ve done your homework. Tell them the consequences of not having such a technology,” Turner recommends.

First, security managers should take inventory of any existing technologies and determine whether those can be integrated with new technology, as well as seeing if one solution can be leveraged for additional purposes.

When choosing a technology, security leaders should ensure the solution will be able to expand in the future with minimal replacement costs, Turner says. For example, if the organization is implementing gunshot detection, find out if the solution is easily scalable by adding additional sensors or devices in the future without having to rip and replace an entire system.

In addition, technology placement should be focused and deliberate in order to keep costs down. If the organization can only afford three sensors, for example, focus on those areas with the highest negative impact potential.  


4. Build a culture.

Beyond training and policies, having an embedded, strong security culture within an organization is particularly important for small security teams with limited staff. By getting everyone on board and familiar with security initiatives and making it a part of the culture, security leaders will have a much easier time mitigating risk and proving value to the greater organization.

There are a number of strategies for building a security culture with limited resources, but perhaps the most fruitful, according to Turner, is leveraging other people within the organization. He recommends utilizing employees from cross-functional groups to form threat assessment teams or emergency response teams to boost ideas, support and headcount.

He has also turned to departments such as brand awareness, marketing, internal communications and even facilities, utilizing their existing infrastructure, skills and fresh ideas to make security awareness videos, activities and signage.

“Synergy points across the organization are huge for small security teams. If you can leverage those relationships at the right time and execute them in a really effective way, you will make a big impact,” Turner says.

KEYWORDS: enterprise security risk management security budgets security culture security leadership

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maggie shein

Maggie Shein was Editor in Chief at Security magazine. She has been writing, editing and creating content for the security industry since 2004. She has an experienced background in publishing, communications, content creation and management. Within her role at Security, Maggie handled the overall direction of the brand, organized and executed the annual conference, facilitated Solutions by Sector webinars, researched and wrote exclusive cover stories, managed social media, and authored the monthly Security Talk column. She has both an undergraduate degree and master's degree in journalism.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Security Leadership and Management
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Career Intelligence
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Officers at an event

The 2026 FIFA World Cup Will Test Security Operations Like Never Before

Colorful laptop

Organizations Think They Know Who’s Visiting Their Sites. They Don’t.

Glasses in front of coding on screen

5 Ways Quantum and AI Will Rewrite the Rules of Cyberattacks

Sewer

Why Are People Entering NYC’s Sewers at Night?

SEC 2026 Benchmark Banner

Events

July 8, 2026

The 2026 Security Maturity Benchmark Report: Insights From Senior Security Leaders

LIVE: July 8, 2026 at 2 pm EDT In this webinar, speakers will share key insights from the report, including why today’s threat environment demands greater maturity and how to evaluate your organization’s current security posture.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • Cyber Insurance Rates, Purchases and Coverage

    Small-to-Medium-Sized Enterprises More Likely to Adopt Cyber Insurance

    See More
  • Hacker graphic over map

    10 tips for small businesses to prevent cyberattacks

    See More
  • Unprepared Companies Vulnerable to Ransomware Attacks

    Ransomware is the Biggest Threat for Small to Medium Businesses

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • contemporary.jpg

    Contemporary Security Management, 4th Edition

  • Risk Analysis and the Security Survey, 4th Edition

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing