Leadership Solutions

Security Metrics: Measuring Awareness Programs

Create A Security Awareness Dashboard
One of the fundamental obligations we have in corporate security is to understand the potential for “what if” and communicate our knowledge and concerns both to those who could be affected and to those who have accountability for protecting the assets of the enterprise.

Empower Critical Business Process Owners Through Awareness
Security has a unique perspective on risk that comes from gathering, analyzing and understanding threat and risk data. This insight obligates us to make our customers aware of the risks that could affect them, especially when those customers control the most sensitive and essential business processes in our companies.

Measuring Awareness of Access Control Responsibilities
Two key measures of the effectiveness of a security program are (1) how well security communicates the security responsibilities it expects employees to meet; and (2) the affirmation that those expectations are being met.

Security Awareness: A Few Key Indicators
If your company thinks
Security is the owner of security-related business risk, get your résumé up to date! Business process owners’ awareness is a fundamental element in a security risk mitigation strategy. We are paid to understand the range and depth of risks confronting the business in its various environments, to build strategies to mitigate them, and to educate our constituents on their responsibilities.

The Risk-Aware Organization
Security practitioners often equate security awareness programs with posters in break rooms, intranet alerts and informative brochures on the risk of the month. While these media serve a useful purpose, Security’s risk awareness strategy must be significantly more disciplined and structured than a periodic communication exercise.

Watch our 3-minute video to learn about how the SEC works with security leaders. Contact us at: contact @secleader.com.

Copyright Security Executive Council. Last Updated: November 10, 2017