Convincing C-suite executives to approve budgets for security system upgrades may be difficult in the best of times. However, the COVID-19 pandemic and resulting financial upheaval it caused may make selling new projects more challenging for security directors. While security may not be a daily topic of discussion among C-suite members, they understand the need to provide and maintain a safe and secure environment for corporate employees and visitors. But they don’t see security in terms of a camera brand or access card technology. They view security in terms of risk management and mitigation strategies. Addressing those concerns in any project plan will increase its chances of it winning approval.
What is a security professional to do when you are already operating a lean organization, you are protecting your company’s assets the best you can and you still have to perform better with fewer resources?
We tend to believe that it is the business’s responsibility to understand the importance of security and, therefore, recognize the need to invest. But in the world of business, that’s simply not the case. Business leaders have operations to run and missions to fulfill, and as security leaders we need to understand that it’s up to us to bridge the gap between the security way of thinking and the business way of thinking.
Enterprise Security Risk Management (ESRM) is a strategic approach to security management that ties an organization’s security practice to its overall strategy using globally established and accepted risk management principles. In ESRM, the security professionals and the asset owners share security responsibilities, but all final security decisions are the responsibility of the asset owner.
When creating reports for an executive-level audience, keep in mind that they have received many other metrics reports that same day, and they have only a few minutes to give to each of them. If you make it easy to read and understand and clearly tell your story using data points and brief summaries, they will be able to digest your information faster, retain more and maybe even begin to look forward to receiving your report on a regular basis.
More than fifty percent of survey respondents struggle to align security initiatives to business goals and 44 percent aren't clear on what the business goals are, says a Thycotic Cyber Security Team's Guide to Success report.
This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.