Are Core Security Programs Being Neglected?
Surprisingly, security programs and services often go into automatic mode after being set up by organizations. Things are working well enough, so little thought is given to them. You might be concerned about the programs, but either the organization is not interested, or you are too busy with urgent issues to work on improving them.
Next StepsMost of the listed concerns, in one way or another, relate to the ability to demonstrate the value that Security brings to the organization. The lack of support within the organization, whether that is because of Senior Management not devoting attention, other business units not sharing responsibility, or lack of resources necessary, all point to a deficient value proposition.
Certainly, there will be some organizations, for example startups who are focused exclusively on growth, or businesses that are in a deteriorating financial state, that simply will not attend to security issues regarding of the hazard. However, all operational functions within an efficient stable organization will have a strong business case to support them.
The Security Executive Council is the industry leader at providing guidance and acting as a sounding board for reviewing, enhancing or rebuilding your security programs and services. Download more information about the SEC's Program and Services Review capabilities.
For more resources on this topic see Demonstrating Value: Communicating Value
Watch our 3-minute video to learn about how the SEC works with security leaders. Contact us at: contact @secleader.com.
Copyright Security Executive Council. Last Updated: February 28, 2019
You can download a PDF of this page below: