People

Are you making security tasks and requirements fast and simple enough?

Modern workplaces are full of distractions. Bombarded with emails and colleagues asking questions, employees are juggling multiple deadlines and dividing their attention between different devices and tasks.

This creates problems for implementing and managing security processes, policies and prevention measures. Mistakes and shortcuts are more likely to be made, and some tasks may even be completely forgotten.

Simplifying and streamlining security management and implementation means the right choice is the easy choice. How are you addressing this in your organization?

Simplification and attention.png

The evolving role of the Security Manager

This week we’re reading Angus Darroch-Warren’s piece about how the role of the Security Manager is changing.

(You can read the piece here

This article has some great analogies of how security managers are forced to evolve and adapt as the world is increasingly interconnected, with old silos breaking down.

Building on this, we’ve highlighted three focus areas that will help security professionals win in this complex environment.

  1. Understand your business. It’s been said before and is certainly easier said than done. However, it is crucial to know what drives value and cost in your organization. Who are your customers, where are they operating, what are their needs, who are your competitors and how is the landscape changing? Understand this to gain better insight into what and how you should protect and add value to your business’ customers. A business course will likely add significantly more value than a security course for any security manager today.

  2. Continuously review and adjust. The times they are a-changin’ – and so is the old game of cat-and-mouse. The days are gone where you could review your security assessments once a year, wait for an incident, or not review at all. The world is increasingly unstable, and threats are growing more complex and technologically advanced. This forces you to continuously review risks and mitigation measures to stay ahead.

  3. Simplify your communication. You must be able to explain to a non-security colleague what you are doing and how it supports the business in 2 minutes. That is the only way to get the buy-in and awareness that can change behavior, which is usually the most effective way to manage risks.