Created by the Security Executive Council
The following is a visual representation of research conducted by the SEC that shows the potential mitigation services that Security provides to an organization. A review of core competencies and centers of excellence supports the involvement and possible leadership for Security in these crucial risk management areas.
Potential Realm of Security Responsibilities
The current security practitioner trend and assertion is that these elements can make up the responsibilities of a "true" Chief Security Officer within an organization. However, this is often in conflict with the organizational view of Security.
Recently the SEC has found many businesses have generated increased value by incorporating an enhanced view of security—one where risk mitigation is integrated throughout the organization. Instead of viewing risk mitigation as the realm of a single department or functional group, it needs to be cross-functional and team driven.
Improved View of Security Responsibilities
You may be assigned responsibility for the mitigation of specific risks, but for the good of the organization you must think of it as a cross-functional activity now.
It is not about what you own, but who you must collaborate with to make it effective. The real power message to senior management is how well the security leader is working within the organization to make risk mitigation as effective as possible.