The evolving role of the Security Manager

This week we’re reading Angus Darroch-Warren’s piece about how the role of the Security Manager is changing.

(You can read the piece here

This article has some great analogies of how security managers are forced to evolve and adapt as the world is increasingly interconnected, with old silos breaking down.

Building on this, we’ve highlighted three focus areas that will help security professionals win in this complex environment.

  1. Understand your business. It’s been said before and is certainly easier said than done. However, it is crucial to know what drives value and cost in your organization. Who are your customers, where are they operating, what are their needs, who are your competitors and how is the landscape changing? Understand this to gain better insight into what and how you should protect and add value to your business’ customers. A business course will likely add significantly more value than a security course for any security manager today.

  2. Continuously review and adjust. The times they are a-changin’ – and so is the old game of cat-and-mouse. The days are gone where you could review your security assessments once a year, wait for an incident, or not review at all. The world is increasingly unstable, and threats are growing more complex and technologically advanced. This forces you to continuously review risks and mitigation measures to stay ahead.

  3. Simplify your communication. You must be able to explain to a non-security colleague what you are doing and how it supports the business in 2 minutes. That is the only way to get the buy-in and awareness that can change behavior, which is usually the most effective way to manage risks.

Taking an integrated view of assessing political risk

A recent article in Risk Management magazine focusing on using insurance to mitigate political risk prompted a conversation about the growing complexity of risks in our modern age.

(you can read the article here)

When assessing risks and their potential impact on your organization you have to address them from an integrated and holistic viewpoint. For political risks it is correct that instability, trade wars and barriers can potentially have an enormous financial impact, and insurance might be a good way to mitigate that uncertainty.

But looking more broadly, the potential impact of political risks on the safety of your employees and suppliers is not only financial but also reputational. This is because political risks can strike at the heart of your organization’s moral obligation to provide safe environments for the people it is responsible for.

Your organization might suffer economically, but we all know that the reputational damage can be irreparable if an organization does not live up to its moral obligations. Modern communications ensure a high level of transparency and global opinion that has to be taken seriously.

These challenges are not something you can mitigate with insurance, and there are several examples of companies that have never fully recovered after a reputational setback. 

The complexity of risks is growing as our world is even more interconnected and transparent, which is why integrating the way you evaluate risks and mitigation is more important than ever.