Security Gets Offensive

​

REACTIVE SECURITY is so 20th century. Today’s mantra is adding to the corporate bottom line, generating return on investment, or serving as a source of competitive advantage. The problem is how to turn the jargon into reality.

Rachel Briggs and Charlie Edwards, who work for the security arm of the British think tank Demos, have spent a year examining multinational companies, seeking the ones that best align security with business objectives. They’ve found six common attributes of the most successful companies. For instance, security leaders in these companies “understand that their role is to help the company to take risks rather than eliminate them, and to have contingencies in place to minimize damage when things go wrong.”

These companies also allow the security team to take on responsibilities that ensure corporate “resilience.” These responsibilities include corporate governance, information assurance, and reputation management.

In what it calls “a manifesto for twenty-first-century corporate security,” the authors highlight several best practices for security departments to implement. Heads of security, Briggs and Edwards write, must “view their security experience as being far less important than their business, management, and communications experience.”