Leadership Solutions

Pie2.jpg

Security Research & Benchmarks

Our latest benchmark covers security program costs, program ownership, reporting structures and more. Preliminary results from this benchmark suggest...

Average Security Budget as a Percentage of Organization Revenue is 0.068% (result released August 2011)

Average Security Budget Dollar Per Organization Employee is $249 (result released August 2011)

These are just some of the risk management metrics we have collected. If you would like more details such as how these break down by industry or size of organization then you have to participate in the Security Leadership Research Institute (SLRI). There is no cost to join the SLRI. The only requirements are you must know the details about your organization's risk management budget and structure and be willing to participate in the SLRI research. All information will be held in the strictest confidence and will only be shared in an aggregate form.

Some Recent Results from our Security Barometer Polls

  • 64% of security executives felt knowing how best to evaluate their security program would add the most value to their department
  • 27% of security executives have lost a job as a result of a change in management


See below for more valuable research and benchmarks for risk management executives.


Selected Research & Benchmarks

14 Effective Solutions for Creating Successful Security Programs
Created By: Security Executive Council
This paper highlights brief case studies that depict solutions using Security Executive Council tools and processes. These are based on what the SEC has gleaned in the last 10 years working with security practitioners. At the end of the document don't miss 10 Tips You Can Learn from our Experience with Successful Programs.
 
Assessment Quiz: Organizational Readiness for Security
Created By: By: Security Executive Council
The Council has spent years researching this topic and has found that understanding what management thinks Security "is" and "does" is critical. You need to know how management perceives Security in order to educate them on the reality - and to get appropriate buy-in for resource requests or advancement of your goals.
 
Assessment Quiz: Security Leadership Continuum
Created By: Security Executive Council
This quiz is now closed but you can see results from those that took it.
 
Corporate Governance and Compliance Hotline Benchmark Report I
Created By: Security Executive Council
How "healthy" is your organization? Receive your complimentary copy of the first Corporate Governance and Compliance Hotline Benchmarking Report. This groundbreaking report examines organizational hotline activity across all major industries.
     Click here to view a short video describing this resource in more detail.
Registration required for download
REGISTRATION
REQUIRED
Corporate Governance and Compliance Hotline Benchmark Report II
Created By: Security Executive Council
The Security Executive Council announces its second report on corporate hotline data, providing executives a benchmark against which to assess their own governance and compliance hotlines. This year's report includes data on more hotline reports and is organized to make it easier for you to compare your organization's hotline program with like businesses. Thsi second Corporate Governance and Hotline Benchmark Report will benefit all executives who deal in compliance or corporate ethics, so please download it and pass it on to your colleagues.
     Click here to view a short video describing this resource in more detail.
Registration required for download
REGISTRATION
REQUIRED
Driving Excellence in Enterprise Security
Created By: George Campbell, Security Executive Council Emeritus Faculty
This paper provides a starting place for security leaders who are interested in operational excellence or are considering applying it within their programs. It includes: Range of approaches gathered from discussions with a number of Tier 1 Security Leaders™; insight into how to achieve a critical baseline assessment of security’s value; potential measures of excellence in security programs; and a template to help investigate and identify initial targets for application of operational excellence.
 
Executive Summary: Corporate Security Organizational Structure, Cost of Services and Staffing Benchmark
Created By: The Security Leadership Research Institute
The Security Leadership Research Institute (SLRI) has published ground breaking results of their Corporate Security Organizational Structure, Cost of Services and Staffing survey. The full report covers such metrics as security budgets, staffing, program drivers, governance and oversight. This executive summary provides a glimpse into some of what is contained in the full report. If you participate in the SLRI surveys you can receive the next edition of the full report. For more information about SLRI click here
Click to visit our Strategic Alliance partner’s site, Elsevier, for more information or to order this book.
 

International Security Programs Benchmark Report 1 of 3

Created By: Security Executive Council
This is the the full report that Security Executive Council members and participants receive.This project began as a member driven strategic initiative to ascertain the what and how of international security programs. Based on in-depth Tier 1 Secuirty Leader interviews earlier in the project, it became clear research was necessary to fully grasp the breadth and scope of programs currently in place and any differentiators. This is the first of three projected reports from this data. Click to visit our Strategic Alliance partner’s site, Elsevier, for more information or to order this book.
     Click here to view a short video describing this resource in more detail.

Issue Exploration: Security Leadership Background Trends

Created By: Security Executive Council
Based on recent observations, the Council conducted a survey to ascertain whether the backgrounds (or knowledge sets) of security leaders are changing. Download the results and analysis. Interestingly, we found that not only did respondents have military, law or government function experience but also business experience.
     Click here to view a short video describing this resource in more detail.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only
Legislation, Regulations, Voluntary Compliance & Standards Library (LRVCS)
The Council is collecting the ever growing LRVCS related to security. Contribute a missing item and receive a free metrics presentation PowerPoint. Send suggestions to contact@secleader.com
     Click here to view a short video describing this resource in more detail.
Next Generation Security Leader Graphic
Created By: Security Executive Council
This graphic appeared in Access Control magazine along with an article on the subject and is an artistic representation of the project developed by the Council. Each of the six "knowledge streams" represents the core leadership competencies as represented by Tier 1 Security Leaders and Faculty necessary for today's leaders.
     Click here to view a short video describing this resource in more detail.
Click to download PDF file
314KB
Nine Practices of the Successful Security Leader
Created By: The Security Executive Council
A series of in-depth practitioner interviews conducted by the Council led to the identification of nine practices that the most successful leaders have in common. Interviews were asked questions related to their top organizational risks, business alignment and drivers, internal influence issues and senior management's view of Security. During the resulting qualitative analysis, it became clear that the interviewees with highly successful, internally recognized security programs had several things in common.
The public can obtain the report here: Nine Practices of the Successful Security Leader
 
Research about Attitudes on the Benefits and Controls of Web 2.0 in the Enterprise
Created By: Security Executive Council
Many companies see value in using Web 2.0 apps to increase market reach or collaboration at a lower cost. Can these applications be misused? Certainly, but not unlike any other outlet that lets employees socialize or conduct personal business while on company time. The following report explores some of the current thinking and research on the topic.
Click to visit our Strategic Alliance partner’s site, Elsevier, for more information or to order this book.
     Click here to view a short video describing this resource in more detail.
Security Barometer Results: Are Security Practitioners Using Twitter for Business?
Twitter apparently is being used by some people but we wanted to know if risk management practitioners were using twitter for business purposes. We are sharing some good feedback that might be of interest to you as you consider if and how Twitter might play a role in your risk management programs.
 
Security Barometer Results: Are You Fairly Compensated?
In this security barometer quick poll we wanted examine to what extent the economy was affecting compensation. However we found something more enlightening in the commentary about why respondents felt the way they did. See how your peers responded here.
 
Security Barometer Results: Centralized Risk Repository
A centralized repository of risks provides a robust foundation for an effective risk management program. While 90% of respondents felt a central repository was valuable less than half had one. See more about results of our poll here.
 
Security Barometer Results: If You Had Three Wishes
If you could have anything you wanted for your risk management program what would it be? In this quick poll we wanted to find out what elements would add the most value to security leaders and their teams.
 
Security Barometer Results: Impact Of Terrorism Arrests on Security
We created this Security Barometer quick poll in the aftermath of the U.S. the terrorism arrests that occurred in New York and Denver in September 2009 to find out if business executives saw any connection between these events and the long term health of their own organizations.
 
Security Barometer Results: Mexico Drug Decriminalization
Will the recent changes in drug laws affect you? A common theme from respondents was their concern regarding transportation and cargo. Even if your organization does not have facilities in countries with lax drug laws you may want to give thought to the risks in your supply chain.
 
Security Barometer Results: The Security Executive's Tenure
The Security Executive Council set out to gather some information about why leaders in the security and risk mitigation field have been dismissed from their jobs.
 
Security Barometer Results: Top 5 Security Risks To Your Organization
As organizations become leaner and more agile the management of security risks becomes more important than ever in protecting the value being built. It is becoming imperative that all business functions maintain focus on the tasks that really matter to the organization. See what risk management executives are focusing on now.
 
Security Barometer Results: What Business Journals are Security Practitioners Reading?
Keeping a close watch on the economic and business trends buffeting your organization is a critical prerequisite for truly understanding how your team supports your organization's goals. In this poll we wanted to get an idea what business journals security practitioners were reading to keep up with those business trends.
 
Security Barometer Results: What is Putting Your Continued Employment at Greatest Risk?
Overall the results demonstrate that the risks to continued employment that security and risk management executives face are as diverse as the organizations they represent. These risks are largely determined by the state of your organization's perception of the need for security and its unique culture, or what we call "organizational readiness".
 
Security Barometer Results: Where do you go for information about your day-to-day operational needs?
These results include the top eight resources sought out by risk management practitioners as well as examples of the type of information being requested.
 

Security Budget Research Report

Created By: The Security Executive Council
This is an analysis of data collected from survey of security program budgets that was conducted by the Council January 2009. This report, available to Council members, provides detailed information on the changes in budgets over the past two fiscal years segmented by industry as well as budget category. In addition the report provides a list of some of the creative efforts that security executives are undertaking to counter the effects the economy is having on their security programs.
     Click here to view a short video describing this resource in more detail.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only

Security Budget Research Report: Impact of the Economic Downturn
Executive Summary

An executive summary of the results of a survey was sent to qualified security practitioners (over 85% at the director level or above) to gather information on the state of their security budgets and to assess any impact the economic downturn has had on their programs.
Resource is for SEC Vanguard membership or Tier One Leaders only
Resource is for SEC Vanguard membership or Tier One Leaders only

Security Executive Council Trend Report: Benefits and Risks of Web 2.0 in the Enterprise

Created By: Security Executive Council
Enterprises are adopting Web 2.0 applications in increasing numbers to improve communication and workflow within their businesses and to improve relationships with clients. Businesses employing such applications must be prepared to face the risks that accompany it.
Resource is for SEC Vanguard membership or Tier One Leaders only
Resource is for SEC Vanguard membership or Tier One Leaders only

Security Performance Measures and Metrics

Created By: Security Executive Council
A total of 156 survey participants, including Security Executive Council (SEC) Tier 1 Security Leaders, answered questions about performance measures security practitioners are using in this benchmark.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only
Security Title Benchmark: Survey Report
Created By: Security Executive Council
Based on a Security Executive Council Survey of 415 respondents between September 26 and October 20, 2005.
Click to download PDF file
171KB

Trend Research Report: Foreign Corrupt Practices Act (FCPA) Due Diligence

Created By: Security Executive Council
A report on third party due diligence related to FCPA activities according to current research. Findings are from sources such as audit and law firms and other associations that represent many multi-national/global companies. Report developed to educate senior management and other internal stakeholders (e.g., peers) on what a third party due diligence program as it relates to FCPA may encompass.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only
Trend Research: Bring Your Own Device (BYOD) To Work
Created By: Security Executive Council
This resource was developed based on a Tier 1 Security Leader member and their IT colleague looking at productivity around the topic of BYOD to work (e.g., if I had my own phone or computer (e.g., Apple brand device) I could increase my productivity.) The research was then expanded to include further information on what peer corporations are doing in this area (e.g., pros, cons, must haves, challenges, risks and liabilities).
Click to visit our Strategic Alliance partner’s site, Elsevier, for more information or to order this book.
 
Trend Research: Comprehensive Business Continuity Programs
Created By: Security Executive Council
This compilation of publicly available information, Council research and observations on business continuity is intended to supply background to use to assist in developing a business continuity program or weighing the effectiveness of an existing program.
A member item available for purchase. Visit our store.
     Click here to view a short video describing this resource in more detail.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only
Trend Research: Crisis Management at the Speed of the Internet
Created By: Security Executive Council
This report that sheds light on the rapidly changing nature of threats on the Internet and how companies, with Security’s help, can respond strategically. It provides examples of companies that have faced threats to their brands and how they have responded; strategies to prepare ahead and help to mitigate the effects when a crisis occurs and explores the broader need for a comprehensive communication and crisis management plan that incorporates the dynamic nature of the Internet.
Click to visit our Strategic Alliance partner’s site, Elsevier, for more information or to order this book.
     Click here to view a short video describing this resource in more detail.