Bringing A Corporate Security Culture To Life

In Bringing a Corporate Security Culture to Life, presenter Peter Cheviot, former vice president of corporate security for BAX Global Inc., discusses how to build and maintain a corporate security culture that encourages company employees to take ownership of security and facilitates communication. In this 18-minute video presentation of narrated slides, the concept of "security culture" is defined, and Cheviot explains how it can improve the effectiveness of security and risk management programs. Security culture refers to the idea that the security manager must encourage shared ownership of and accountability for the organization’s security program among all employees. In this presentation, the ways to achieve a good security culture are outlined. They include impressing the return on investment (ROI) of security services, designating security ambassadors for various functional areas of the business, providing training, connecting with senior management, and sharing security program performance results. When employees and other business stakeholders feel that they have ownership over security policies, the results are higher compliance, return on investment, and net gains through continuous improvements. The tools and recommendations found in Bringing a Corporate Security Culture to Life will help security managers and their teams achieve these results. Bringing a Corporate Security Culture to Life is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs. The 18-minute, visual PowerPoint presentation with audio narration format is excellent for group learning Introduces the concept of workplace security culture and explains how it can help further the objectives of the security program Encourages a top-down approach: When top management is invested in the security culture, the rest of the organization will naturally follow their lead

Mitigate human risk and bake security into your organization’s culture from top to bottom with insights from leading experts in security awareness, behavior, and culture. The topic of security culture is mysterious and confusing to most leaders. But it doesn’t have to be. In The Security Culture Playbook, Perry Carpenter and Kai Roer, two veteran cybersecurity strategists deliver experience-driven, actionable insights into how to transform your organization’s security culture and reduce human risk at every level. This book exposes the gaps between how organizations have traditionally approached human risk and it provides security and business executives with the necessary information and tools needed to understand, measure, and improve facets of security culture across the organization. The book offers: An expose of what security culture really is and how it can be measured A careful exploration of the 7 dimensions that comprise security culture Practical tools for managing your security culture program, such as the Security Culture Framework and the Security Culture Maturity Model Insights into building support within the executive team and Board of Directors for your culture management program Also including several revealing interviews from security culture thought leaders in a variety of industries, The Security Culture Playbook is an essential resource for cybersecurity professionals, risk and compliance managers, executives, board members, and other business leaders seeking to proactively manage and reduce risk.

This book offers a new look at international security management combining practical applications and theoretical foundations for new solutions to today’s complex security and safety challenges. The book’s focus on safety as a positive experience complements the traditional approach to safety as risks and threats. In addition, its multi-stakeholder, multi-disciplinary, international and evidence-based approach provides holistic and timely insights for the field. Topics raised in this book focus on the crucial questions of: Who is safety actually for? (and) How can sustainable safety solutions be jointly created? This book provides comprehensive insights into the latest research findings, practical applications and suggestions for dealing with challenges in international security management in integrated and sustainable ways, making it relevant reading for practitioners, as well as academics and students - with a view to obtaining thorough, first-hand knowledge from serving experts in the field. We explore new ways of working with citizens, police and policymakers in order to co-create safety. This book emphasises the importance of safety as a topic that matters for all. “Safety and security are basic pillars for the development of our society. However, the number of areas, actors and procedures involved in the management of the different elements composing the international security eco-system, its coordination and alignment, make it a challenging issue to resolve. This book provides a fresh new approach to this complex issue, in which we all have a role to play.” Fernando Ruiz, Acting Head of European Cyber-Crime Centre - Europol “A very timely analysis that brings a much-needed international perspective to the field of security management. The authors explore the challenges confronting security management in a complex and connected world and generate new ideas to support practice and inspire research.” Professor Mark Griffin; John Curtin Distinguished Professor, Curtin University; Director, Future of Work Institute “This book presents the role of International Security Management in the 21st century in an innovative way.” Dr. Christian Endreß, Managing Director, ASW Bundesverband - German Association for Security in Industry and Commerce

The International Security Programs Benchmark Report presents and analyzes the findings of a broad survey conducted by the Security Executive Council of corporate international security programs. The report identifies the types of international security baseline programs in place for a range of company sizes, and describes the organizational perception of security’s role and capability. The data suggest that international security programs are greatly affected by the company size and the location of the security department within the organization, whether as part of the executive, legal, or human resources function. Security leaders can gain valuable insights from this report regarding the scope of international security programs at key corporations with contextualized comparison points for evaluating their own programs. The International Security Programs Benchmark Report is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs. Summarizes the key points of a broad survey on international security programs conducted by the Security Executive Council Breaks down survey responses by company size and functional location of security within the organization Provides insight into other organizations’ existing international security programs and services

Building a Corporate Culture of Security: Strategies for Strengthening Organizational Resiliency provides readers with the proven strategies, methods, and techniques they need to present ideas and a sound business case for improving or enhancing security resilience to senior management. Presented from the viewpoint of a leading expert in the field, the book offers proven and integrated strategies that convert threats, hazards, risks, and vulnerabilities into actionable security solutions, thus enhancing organizational resiliency in ways that executive management will accept. The book delivers a much-needed look into why some corporate security practices programs work and others don’t. Offering the tools necessary for anyone in the organization charged with security operations, Building a Corporate Culture of Security provides practical and useful guidance on handling security issues corporate executives hesitate to address until it’s too late. Provides a comprehensive understanding of the root causes of the most common security vulnerabilities that impact organizations and strategies for their early detection and prevention Offers techniques for security managers on how to establish and maintain effective communications with executives, especially when bringing security weakness--and solutions--to them Outlines a strategy for determining the value and contribution of protocols to the organization, how to detect gaps, duplications and omissions from those protocols, and how to improve their purpose and usefulness Explores strategies for building professional competencies; managing security operations, and assessing risks, threats, vulnerabilities, and consequences Shows how to establish a solid foundation for the layering of security and building a resilient protection-in-depth capability that benefits the entire organization Offers appendices with proven risk management and risk-based metric frameworks and architecture platforms

Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will know how to prioritize your security program, and motivate and retain your team. Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this. Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security, privacy protection, hybrid cloud management, security culture and user awareness, and communication challenges. This book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience. Common challenges and good practices are provided for businesses of different types and sizes. And more than 50 specific keys to alignment are included. What You Will Learn Improve your security culture: clarify security-related roles, communicate effectively to businesspeople, and hire, motivate, or retain outstanding security staff by creating a sense of efficacy Develop a consistent accountability model, information risk taxonomy, and risk management framework Adopt a security and risk governance model consistent with your business structure or culture, manage policy, and optimize security budgeting within the larger business unit and CIO organization IT spend Tailor a control baseline to your organization’s maturity level, regulatory requirements, scale, circumstances, and critical assets Help CIOs, Chief Digital Officers, and other executives to develop an IT strategy for curating cloud solutions and reducing shadow IT, building up DevSecOps and Disciplined Agile, and more Balance access control and accountability approaches, leverage modern digital identity standards to improve digital relationships, and provide data governance and privacy-enhancing capabilities Plan for cyber-resilience: work with the SOC, IT, business groups, and external sources to coordinate incident response and to recover from outages and come back stronger Integrate your learnings from this book into a quick-hitting rational cybersecurity success plan Who This Book Is For Chief Information Security Officers (CISOs) and other heads of security, security directors and managers, security architects and project leads, and other team members providing security leadership to your business

Compelling and practical view of computer security in a multinational environment – for everyone who does business in more than one country.

In today’s work environment, the lines between our professional and personal lives are blurred more than ever before. Whatever is happening to us outside of our workplace —whether stressful, painful, or joyful —follows us into work as well. We may think we have to keep these realities under wraps and act as if we “have it all together.” But as Mike Robbins explains, we can work better, lead better, and be more engaged and fulfilled if —instead of trying to hide who we are —we show up fully and authentically. Mike, a sought-after motivational speaker and business consultant, has spent more than 15 years researching, writing, and speaking about essential human experiences and high performance in the workplace. His clients have ranged from Google to Citibank, from the U.S. Department of Labor to the San Francisco Giants. From small start-ups in Silicon Valley to family-owned businesses in the Midwest. From what he’s seen and studied over the years, Mike believes that for us to thrive professionally, we must be willing to bring our whole selves to the work that we do. Bringing our whole selves to work means acknowledging that we’re all vulnerable, imperfect human beings doing the best we can. It means having the courage to take risks, speak up, have compassion, ask for help, connect with others in a genuine way, and allow ourselves to be truly seen. In this book, Mike outlines five principles we can use to approach our own work in this spirit of openness and humanity, and to help the people we work with feel safe enough to do the same, so that the teams and organizations we’re a part of can truly succeed. “This book will offer you insights, ideas, and tools to inspire you to bring all of who you are to the work that you do —regardless of where you work, what kind of work you do, and with whom you do it. And, if you’re an owner, leader, or just someone who wants to have influence on those around you —this book will also give you specific techniques for how to build or enhance your team’s culture in such a way that encourages others to bring all of who they are to work.”