People

The evolving role of the Security Manager

This week we’re reading Angus Darroch-Warren’s piece about how the role of the Security Manager is changing.

(You can read the piece here

This article has some great analogies of how security managers are forced to evolve and adapt as the world is increasingly interconnected, with old silos breaking down.

Building on this, we’ve highlighted three focus areas that will help security professionals win in this complex environment.

  1. Understand your business. It’s been said before and is certainly easier said than done. However, it is crucial to know what drives value and cost in your organization. Who are your customers, where are they operating, what are their needs, who are your competitors and how is the landscape changing? Understand this to gain better insight into what and how you should protect and add value to your business’ customers. A business course will likely add significantly more value than a security course for any security manager today.

  2. Continuously review and adjust. The times they are a-changin’ – and so is the old game of cat-and-mouse. The days are gone where you could review your security assessments once a year, wait for an incident, or not review at all. The world is increasingly unstable, and threats are growing more complex and technologically advanced. This forces you to continuously review risks and mitigation measures to stay ahead.

  3. Simplify your communication. You must be able to explain to a non-security colleague what you are doing and how it supports the business in 2 minutes. That is the only way to get the buy-in and awareness that can change behavior, which is usually the most effective way to manage risks.