Insight on Program Best Practices

The SEC’s perspectives on security program development and enhancement.

Filter by

Insight on Program Best Practices

Beyond Optimization: Rebalancing Guard Force with Technology Can Be a Win-Win Solution

Organizations, whether they engage contract guard services or hire officers directly, are feeling the impact of labor shortages and high turnover rates. Augmenting with the right types of technology in the right applications can help organizations find a better balance between cost and man hours.
Click for more details
Insight on Program Best Practices

Dealing with Controversial Communication in the Workplace

In this polarized atmosphere several Tier 1 Security Leaders have raised concerns about controversial communications in the workplace. Use this draft policy on workplace communication as a starting point for discussions with HR whether one should be created or an existing policy should be updated.
Click for more details
Insight on Program Best Practices

Workplace Violence Management Guidance for Security Leaders

U.S. states including California and Texas are joining industry groups and other world governments in requiring organizations to implement measures to protect employees against violence in the workplace. Such regulation provides companies an opportunity to take action that shows their work force across the board – not only in regulated areas – that they prioritize employee safety.
Click for more details
Insight on Program Best Practices

Security Barometer Results: Workplace Violence Prevention Programs

As States enact new extensive workplace violence prevention program laws we can expect more and more organizations ensuring they meet similar standards.
Click for more details
Insight on Program Best Practices

Security Barometer: Essential Elements of Cybersecurity Awareness Training

Today's environment demands that all individuals play a role in protecting themselves and the organizations they work for. Cybersecurity awareness training is meant to help protect organizations by informing individuals about how they can help prevent being used to cause damage.
Click for more details
Insight on Program Best Practices

Security’s Opportunity in Supply Chain Security

The February 2024 SEC Security State of the Industry (SSoI) briefing covered security leaders’ unique potential to bridge functions and bring added value when addressing supply chain security.
Click for more details
Insight on Program Best Practices

Security Optimization - Looking Beyond Traditional Definitions of Convergence

It's long been a common assumption in security that most high-performing and successful security functions operate within a "converged" structure, with corporate and cyber security reporting to a single security or risk executive. But is that assumption true?
Click for more details
Insight on Program Best Practices

Insights from Next Generation GSOC Leaders

In 2023, the SEC brought together more than two dozen security and risk leaders to offer a 10-session online course on strategic development, management, and innovation in Global Security Operations Centers. Here are some selected session highlights.
Click for more details
Insight on Program Best Practices

SEC's Business Intelligence and Innovation Lab Now Open

Risk-focused, actionable analysis will help corporate security see around corners.
Click for more details
Insight on Program Best Practices

Intelligence Analysis in the Private Sector: Growth, Challenges, and Applications

We’ve increasingly seen private-sector clients and Tier 1 leaders turning to intelligence analysis to help them manage risk. Despite companies’ embrace of intelligence analysis, misconceptions persist about what private-sector intelligence analysis is and how it can aid organizations.
Click for more details
Insight on Program Best Practices

What Should Be Included in Your Guard Force Service Agreement?

One way to ensure the uniformed security force budget is effectively and efficiently spent is to carefully craft the service agreement, starting from the very beginning of the vendor selection process.
Click for more details
Insight on Program Best Practices

Faculty Advisor: How to Assess Security Vendors for the Best Outcome

Contracting with a vendor that can't meet your needs is a costly error, and often an avoidable one. An SEC Subject Matter Expert in Supply Chain Security weighs in on what you can do to ensure you get the right solution outcome from your vendor.
Click for more details
Insight on Program Best Practices

Optimize Security Forces for Cost Savings and Quality Assurance

A security department’s guard force or uniformed security officer program is frequently one of the priciest line items in the function’s budget. For that reason, it’s also one of the programs most frequently targeted in budget reductions.
Click for more details
Insight on Program Best Practices

Security Barometer: How Many Sources of Information Are Coming into Your SOC/GSOC?

Some Security Operations Centers gather a large quantity of information from a multitude of sources. This Security Barometer quick poll is examining whether the organization is effectively using the full capabilities of their SOC/GSOC.
Click for more details
Insight on Program Best Practices

Issue Spotlight: Overemployment

Overemployed workers aren't just doing side hustles or moonlighting gigs. They're collecting full-time pay and benefits for different positions at different organizations at the same time. This is not just a matter of ethics.
Click for more details
Insight on Program Best Practices

Mini Self-Assessment – Does Your WPV Prevention Program Need Work?

Regardless of the regulatory situation, security practitioners have a duty of care to protect employees at all levels from injury and death on the job. How do you know you’re doing all you can or should do?
Click for more details
Insight on Program Best Practices

New Developments in Proactive Loss and Anomaly Detection

Companies lose money in a diversity of ways, but whether the loss is via theft, fraud, poor management, or error, the longer it takes to detect it, the more costly it will be. This summary of a Security State of the Industry meeting discusses tools and techniques of proactive loss detection.
Click for more details
Insight on Program Best Practices

Security Optimization - Looking Beyond Traditional Definitions of Convergence

How does cyber security and corporate security collaboration influence security optimization, and is one structure more likely to lead to optimization than another?
Click for more details
Insight on Program Best Practices

GSOC Group Answers Leadership Questions with Peer Benchmarking

Since 2015, the SEC’s Next Generation GSOC Group, has provided a trusted, peer-based network for sharing ideas, needs, challenges and opportunities for operational excellence. Members use the group to compare GSOC services, people, internal awareness, and technology.
Click for more details
Insight on Program Best Practices

Active Shooter Program: First Steps

Active shooter cases have increased, and Boards have noticed. If you don't arleady have a program in place to manage this risk, here are some considerations to start you off.
Click for more details
Insight on Program Best Practices

Emerging Threats: How High-Performing GSOCs Are Adapting

Exploring the role of the GSOC in identifying and managing emergent threats, the power of executive influence, and more.
Click for more details
Insight on Program Best Practices

The Manager's Handbook for Business Security

The Manager’s Handbook for Business Security is the quick-reference guide to successful security management. New security managers don’t always have the luxury of time to deeply research comprehensive textbooks on security fundamentals before they start taking action to build their programs. The same applies to security practitioners transitioning from the...
Click for more details
Insight on Program Best Practices

How Proactive Investigations Can Boost the Bottom Line

Organizations can incur criminal loss through many avenues – organized crime, theft and diversion, intellectual property loss, myriad types of internal and external fraud involving insurance, employee benefits, misappropriation, kickbacks, and more. Each of these loss avenues may be managed by a different function in the company, which is why...
Click for more details
Insight on Program Best Practices

Security State of the Industry: Travel Security

New research report examines travel security program trends, risk factors, policy and program elements.
Click for more details
Insight on Program Best Practices

Security Barometer: Are Investigations Evolving?

These research results delve into how security practitioners are adjusting to leverage newer technologies and techniques to fight fraud loss.
Click for more details
Insight on Program Best Practices

Intelligence and Resilience in Next Generation Corporate Security

Here are a few key takeaways from a recent SEC forum covering operationalizing and optimizing people, process, and technology for future risk mitigation value.
Click for more details
Insight on Program Best Practices

The State of Security Convergence

Are preconceptions about the convergence of corporate and cyber security accurate in practice?
Click for more details
Insight on Program Best Practices

Personal Safety and Security Playbook: Risk Mitigation Guidance for Individuals, Families, Organizations, and Communities

Organizations have a Duty of Care to their staff and employees that includes protecting their health and safety while in the office environment. But what about helping to protect them at home? Showing staff and employees that the organization cares about their wellbeing beyond the campus builds a positive corporate...
Click for more details
Insight on Program Best Practices

Faculty Advisor: Screen Vendors Continuously and Comprehensively

My security function has been tasked with establishing screening protocols for the vendors and service providers bidding for our company’s contracts. How far should this screening extend? What should be included?
Click for more details
Insight on Program Best Practices

Business Continuity Playbook

The robustness of a company’s business continuity plan often decides whether it will thrive, survive, or sink. This Playbook is meant to serve as a framework to help security leaders build a business continuity program from the ground up or enhance the program that is currently in existence. The materials...
Click for more details
Insight on Program Best Practices

Faculty Advisor: Building a Right-Sized Protection Program

I am being tasked with establishing an executive protection program for our company.  Executive management does not feel a large entourage of security personnel is warranted. Any advice on how to build out the right program for my company?
Click for more details
Insight on Program Best Practices

Physical Security Strategy and Process Playbook

The Physical Security Strategy and Process Playbook concisely and comprehensively lays out the requirements of physical security management as a critical part of sound business management. The book includes an explanation of basic physical security concepts; a description of the probable security risks for more than 40 functional areas in...
Click for more details
Insight on Program Best Practices

Faculty Advisor: Workplace Safety During Staffing Adjustments

What proactive measures should I take to help weather the inevitable storm when people who have worked here for many years learn that they will no longer have a job?  How can we ease the tension and give these employees some hope of moving forward?
Click for more details
Insight on Program Best Practices

Early Fraud Detection: The Secret to Security ROI?

Internal or occupational fraud prevention or recovery could be the ROI Holy Grail security leaders have been wishing for.
Click for more details
Insight on Program Best Practices

What Makes a Comprehensive Business Continuity Program?


Security directors must be ready to show the C-suite what a strong comprehensive business continuity program looks like and how their program measures up.
Click for more details
Insight on Program Best Practices

GSOC: Business Drivers and Service Scope

During COVID-19 companies with existing Security Operations Centers have been able to leverage their SOC/GSOC capabilities to add value like never before.
Click for more details
Insight on Program Best Practices

Protest Guide for Security Leaders

Help your organization analyze its risk and take action in areas that may be impacted by civil unrest.
Click for more details
Insight on Program Best Practices

Is Your GSOC Contributing to Operational Excellence?

This brief self-assessment can help prepare you for a conversation about your GSOC's needs and capabilities with executive management
Click for more details
Insight on Program Best Practices

Information Protection Playbook

Whether or not Corporate Security has direct responsibility for Information Security, excellence in risk management and information protection relies upon collaboration and coordination between these related functions. Without shared knowledge on strategy, methods, and threats, coordination will be difficult to achieve. The Information Protection Playbook provides a high-level overview that...
Click for more details
Insight on Program Best Practices

Security Barometer Results: Do Cyber and Corporate Security Work Together in Your Organization?

Both cyber/information security and corporate/physical security have roles to play in protecting and securing the organization.
Click for more details
Insight on Program Best Practices

Access Control Fundamentals

One of the recurring themes of discussion amongst security leaders regarding COVID-19 has been the use of access control systems and procedures to mitigate spread.
Click for more details
Insight on Program Best Practices

COVID-19 Security Response Tactics and Strategies to Consider for Business Resumption Plans

Created by Dan Sauvageau, SEC Subject Matter Expert. Many security departments are currently busy focusing on the immediate needs of managing their COVID-19 response plans, assessing their resources, evolving their tactics, and fielding questions from employees, executives, and other stakeholders. Some may have not had the time or opportunity to...
Click for more details
Insight on Program Best Practices

Developing a Robust Travel Security Program

Those having travel security plans and programs in place are better positioned to deal with quarantines, travel bans, and extracting their employees from potentially high-risk regions.
Click for more details
Insight on Program Best Practices

The Business Response to Misconduct Allegations

Investigations is one of the oldest services Security provides. Many security leaders would confidently say their function can manage investigations well in any situation. But COVID-19 has changed that. Now we all must reimagine how to investigate theft, information loss, conflict of interest, fraud, and sabotage in a primarily remote...
Click for more details
Insight on Program Best Practices

Workplace Security Playbook: The New Manager’s Guide to Security Risk

When an employee without a security background is charged with the protection of people, facilities, or assets, he or she may have a hard time finding resources to help them develop policies and procedures and make solid protection decisions. The Workplace Security Playbook is designed to act as a reference...
Click for more details
Insight on Program Best Practices

Faculty Advisor: Baking in Success to Your Workplace Violence Program

I am developing a workplace violence program for my company. I don’t want to miss any early opportunities to “bake in” success, so to speak. What are the big things I need to be thinking about as I develop policy and workplace violence program design?
Click for more details
Insight on Program Best Practices

Critical Incident Decision Matrix


A simple matrix can serve as a visual resource to assist in outlining and prioritizing Incident Management Team decisions.
Click for more details
Insight on Program Best Practices

Operational Excellence in Contract Security Performance Measurement

The focus in this paper is on measuring the performance of security service providers. The Security Executive Council believes that there needs to be a more in-depth consideration of what constitutes "excellence" in these operations given the consistent growth of outsourcing to guard service companies.
Click for more details
Insight on Program Best Practices

Event Risk Analysis Template

Use this template to identify and organize risk factors to help your organization make informed event security decisions.
Click for more details
Insight on Program Best Practices

Structured Critical Incident Response (Parts 1-4)

This four-part Structured Critical Incident Management, demonstrates how to develop and train an Incident Management Team (IMT) to protect a private-sector company during a critical incident.
Click for more details
Insight on Program Best Practices

Personnel Protection: Advance Procedures (Parts 1-5)

This five-part series describes some advance security planning and arrangements for executive protection.
Click for more details
Insight on Program Best Practices

Top Security Practices for a Resilient Business


A group of security leaders gathered to share lessons they have learned from challenging experiences.
Click for more details
Insight on Program Best Practices

Site Risk Assessment Scoring Template

After conducting risk assessments at each of your sites you should think about how to analyze and communicate the results.
Click for more details
Insight on Program Best Practices

Personnel Protection: Concepts of Executive Security (Parts 1-2)

This presentation presents an overview of both the proactive and reactive components of personnel protection, covering the layering of security measures, target hardening, intelligence gathering, and awareness.
Click for more details
Insight on Program Best Practices

Domestic Violence Spills Over Into the Workplace (Parts 1-4)

Created by Rosalind W. Jackson, Security Executive Council staff member. In this series, Rosalind Jackson, SEC media and publications manager, discusses ways to assess the danger, help the survivor and keep the workplace safe. She discusses the signs and types of abuse; developing and communicating a domestic violence policy; the...
Click for more details
Insight on Program Best Practices

The Risk Assessment Threat Matrix and Heat Map

After identifying hazards and vulnerabilities this tool can help effectively analyze and communicate the results.
Click for more details
Insight on Program Best Practices

It Happens. Are You Prepared to Respond?


This summary of an SEC Security State of the Industry briefing provides insight on preparing for and managing all types of critical incidents.
Click for more details
Insight on Program Best Practices

Incident Management Flowchart


The framework helps clarify that one point of contact is responsible for communicating to the various Incident teams in order to alleviate the typical flood of calls at the early stages of an incident.
Click for more details
Insight on Program Best Practices

Faculty Advisor: Keeping Your Workplace Violence Program Current

I have been proactive and have prepared and disseminated what I think is a good workplace violence procedure for my organization. But how can I keep ahead of the game when it comes to planning and preparing to help ensure that my organization does not end up in an undesirable situation involving workplace violence?
Click for more details
Insight on Program Best Practices

Physical Security: Assessing the Needs of Your Business

In order to build a security system that works for business, the needs of that business must first be assessed.
Click for more details
Insight on Program Best Practices

Personal Safety Guidelines for International Travel

Security and safety awareness practices should be part of any travel, but safe international travel demands special preparation.
Click for more details
Insight on Program Best Practices

The Mission is Not Cybersecurity- It's Enterprise Security

Security's current business model can deliver on the routine service demands, but our role in meeting these increasingly consequential risks will require a much more inclusive and mature presence.
Click for more details
Insight on Program Best Practices

When Emotions Run High: Dealing with Stress in Crisis Management


It's important to remember that when a crisis hits a company, no matter how well prepared that company is, emotions will run high.
Click for more details
Insight on Program Best Practices

Uniformed Security Officer Programs Under Fire

In this Security Barometer the SEC investigated the effect that the constant pressure to cut costs while increasing effectiveness has on uniformed security officer programs.
Click for more details
Insight on Program Best Practices

What is the Cost of a Bad Employee

Even a single insider incident can rise to the level of a serious crisis. the time involved in resolving an insider misconduct case resulting in termination for cause is one small aspect of reputational risk.
Click for more details
Insight on Program Best Practices

Nuisance Alarms Are More than a Nuisance

Frequent false alarms are not only a nuisance but could result in a lack of confidence by first responders who may start to distrust the validity of a call to that location, as well as cause additional costs to the company.
Click for more details
Insight on Program Best Practices

Working with Customers for Better Access Control

Access management is a core safeguard. Understand the range of risks driving this set of safeguards and work with your customers to tailor the protection strategy for results.
Click for more details
Insight on Program Best Practices

The Case of the Reluctant Complainant

How does the non-security professional handle the employee who reports a misconduct yet is very insistent that you promise not to act upon the information?
Click for more details
Insight on Program Best Practices

How to Plan an Investigation

At many companies, small security staffs mean other departments— commonly human resources or legal—necessarily help conduct investigations. This is an abridged excerpt on the planning phase of an investigation.
Click for more details
Insight on Program Best Practices

Five Essential Considerations for Establishing a Valued Global Security Operations Center (GSOC)

Whether you are in the proposal stage of building your GSOC or in active operations, here are five critical elements to consider that are critical to success.
Click for more details
Insight on Program Best Practices

Economic Espionage and the Growing Case for Corporate Counterintelligence

The theft of information and intelligence is increasingly gathered on U,S, companies by foreign entities that use the results for a variety of different type of what is now called economic espionage.
Click for more details
Insight on Program Best Practices

Workplace Violence Cross-Functional Risk Management Teams

The roles and responsibilities of the cross-functional team are identified and documented through a process of team member selection, indoctrination, training and performance results.
Click for more details
Insight on Program Best Practices

SEC Security State of the Industry: Could Your Security Program Fall Below Industry Standard of Care Resulting in a Finding of Negligence?

A summary of a SEC Security State of the Industry briefing featuring a study of recent case law involving workplace violence programs.
Click for more details
Insight on Program Best Practices

Management by Walking Around Gets You Ready for a Crisis


A chief security officer has to nurture, cultivate and respect relationships with internal and external partners who are essential to resolving a critical incident. One way to do so is to simply walk around.
Click for more details
Insight on Program Best Practices

How Does Your Insider Threat Compare?

Many companies are now building or enhancing their insider threat program – and beyond classified information security.
Click for more details
Insight on Program Best Practices

The Threat of the Malicious Insider: What Is the CFO's Responsibility?

Malicious insiders can do far more damage to the organization than any external attack. The insider threat should be a significant concern for both public and private organizations.
Click for more details
Insight on Program Best Practices

Defining Best Practices in Global Security Operations Centers

This is the initial report from a SEC GSOC program. It incorporates extensive benchmarking of corporate security organizations to gather baseline data on participating company and security department demographics.
Click for more details
Insight on Program Best Practices

Case Study: Risk Management and Security Metrics at Boeing

This case provides background information on Boeing and why its security group undertook an evaluation of the metrics that they use. The results of that evaluation are presented, along with a general discussion of how metrics are used to improve decision making and assessment.
Click for more details
Insight on Program Best Practices

Faculty Advisor: Developing a Business Continuity Plan (BCP)

What steps should I go through in order to develop/improve and implement a Business Continuity Plan (BCP) to meet the specific needs of my company?
Click for more details
Insight on Program Best Practices

Measures and Metrics for Business Continuity Programs


All security programs should be measured for performance. Successful security leaders have used the slides in this presentation to demonstrate the value their Business Continuity programs are delivering to their organizations.
Click for more details
Insight on Program Best Practices

Faculty Advisor: Building a Consistent Employee Protection Program

My company has no consistent executive protection and event security program. Any advice on how to build out a program that will allow us to better support the executives and our employees?
Click for more details
Insight on Program Best Practices

Security Contract Compliance Auditing

Contracts with product and service suppliers are an integral part of many corporate security service delivery programs; in fact, many companies spend millions of dollars annually for thousands of hours of service from contract guard vendors.
Click for more details
Insight on Program Best Practices

Faculty Advisor: Establishing a Global Security Operations Center (GSOC)

We are discussing establishing a GSOC to support our company and security organization. Since this is new to us, could you supply some fundamental considerations we should be thinking about?
Click for more details
Insight on Program Best Practices

Vendor Resilience Questionnaire


This checklist provides a good starting point to help you determine how prepared your key vendors are to quickly and effectively manage disruptions to their operations that could impact you.
Click for more details
Insight on Program Best Practices

Faculty Advisor: Tabletop Exercises: Choosing the Right Scenario

As part of my company’s crisis management team, I am assisting in the development of a tabletop exercise to help us prepare for potential events. We have identified several possible incident scenarios, but there will always be other possibilities we haven’t tested. How do we create an exercise that is adaptable to other situations?
Click for more details
Insight on Program Best Practices

Incident Analysis Identifies Business Practice Risk

Knowledgeable insiders are a serious threat to an organization, since they live inside protective measures. They have a unique understanding of the company's vulnerabilities and know how to use them to their own advantage.
Click for more details
Insight on Program Best Practices

Development of an Insider Threat Program

The SEC created a graphic that depicts the main elements of a insider threat program.
Click for more details
Insight on Program Best Practices

Corporate Security Policy Template

A strong policy can make a significant impact on security's ability to set, communicate, and enforce requirements for managing risk. The attached template, based on research conducted by the Security Executive Council, can help guide you as you write your next one.
Click for more details
Insight on Program Best Practices

Measuring Awareness of Access Control Responsibilities

Two key measures of the effectiveness of a security program are (1) how well security communicates the security responsibilities it expects employees to meet; and (2) the affirmation that those expectations are being met.
Click for more details
Insight on Program Best Practices

Site Risk/Threat Assessment Ranking Template

This template was designed to assist security leaders in ranking risk and mitigation priorities, which is one fundamental part of a comprehensive risk management strategy.
Click for more details
Insight on Program Best Practices

Facility Criticality and Mitigations Option Tool

The SEC developed this Criticality/Mitigation Options tool to provide security leaders with an organized, visual format for communicating the security organization's perception of risk levels and mitigation options.
Click for more details
Insight on Program Best Practices

Showing the ROI of Contract Security Forces

A thoughtful security manager in Arizona once e-mailed me the following in response to one of my regular columns on security metrics: “I can’t think of a more relevant issue for physical security than a series of metrics regarding contract security costs...
Click for more details
Insight on Program Best Practices

Measuring Guard Force Operations

One of the largest line items in most corporate security budgets is security operations, or guard force costs. I am often amazed at the answers I get when I ask, “What metrics do you have for these activities?”
Click for more details
Insight on Program Best Practices

Business Continuity Program Strategic Plan Cycle


BCP review and evaluation must remain connected to other company planning cycles and should be an annual strategic priority.
Click for more details
Insight on Program Best Practices

Security State of the Industry: The Emerging Role of Information Protection and Counterintelligence (CI) in Corporate Security

Corporations are now being targeted at such a high rate that it's creating an urgent responsibility for corporate security to address the issue.
Click for more details
Insight on Program Best Practices

Security Policies that Organizations Have in Place

This Security Barometer peer poll looked at what security policies organizations have in place and corporate security's responsibility.
Click for more details
Insight on Program Best Practices

Insider Threat is a Challenging Organizational Problem

Based on intensive research and insights from leading companies, the Security Executive Council (SEC) recommends a comprehensive monitoring and screening process to address ongoing perceived and real insider risk
Click for more details
Insight on Program Best Practices

Four Interdependent Risk-Based Functions of Business Continuity Planning


This chart highlights the four interdependent risk-based functions of BCP: assessment of business needs and risks, and preparedness for, response to, and recovery from emergencies.
Click for more details
Insight on Program Best Practices

The Essentials of a Physical Security Systems Risk Assessment

This brief guide includes identifying goals, assessing the needs of the business, and combining the fundamental elements of security into a coherent assessment of risk.
Click for more details
Insight on Program Best Practices

Next Generation Security Leader Forum: Driving Unified Risk Oversight through Global Security Operations Centers Executive Summary

This is the Executive Summary from a SEC Next Generation Security Leader (NGSL) Executive Development curriculum hosted by the Boeing Company.
Click for more details
Insight on Program Best Practices

Corporate Contingency Planning Umbrella


To ensure value, an organization's BCP must align with its overall mission and purpose.
Click for more details
Insight on Program Best Practices

Faculty Advisor: The Case for Corporate Counterintelligence

I am trying to garner support for creating a corporate counterintelligence (CI) program within our security organization; we are an international company with people and facilities in multiple countries. What does a “good” corporate CI program look like?
Click for more details
Insight on Program Best Practices

Faculty Advisor: Contract Security Challenges and Strategies: Part II

The KPIs currently used by my company to assess security services have been in place for years and the value of the information is questionable. What are the best quantifiable KPI measurements to demonstrate the value of our security contract as well as evaluate the performance of the security officers? How can I use the information to improve my overall contract security program?
Click for more details
Insight on Program Best Practices

Faculty Advisor: Contract Security Challenges and Strategies: Part I

Our annual spending for uniformed security officers is nearly 80 percent of my total budget. Senior leadership is always looking at the budget and whenever we have a cost-reduction initiative, security is one of the top three expenses challenged. How can I make sure that I have the right contract in place at the best price?
Click for more details
Insight on Program Best Practices

SOC/GSOC Benchmark Survey Results

The following results are from the SEC’s GSOC Best Practices Group that brings together over 50 global organizations to share proven practices and develop program strategies.
Click for more details
Insight on Program Best Practices

Not Following Established Policy Tops List of Most Significant Threats to Information Protection

This early release summary of "Threats to Information Protection 2015" provides a glimpse into the results of extensive research performed by Kennesaw State University's Center for Information Security Education (CISE) in partnership with the SEC.
Click for more details
Insight on Program Best Practices

Who Owns Investigations?

Whether you want to bring investigations in under your department or just help eliminate investigative confusion this paper will help you get started.
Click for more details
Insight on Program Best Practices

Faculty Advisor: Establishing an Emergency Response Plan

Can you give me some advice on communicating with key business managers about the value of developing a coordinated response plan in advance of an incident?
Click for more details
Insight on Program Best Practices

Faculty Advisor: Dealing with Stress in Crisis Management When Emotions Are Running High

Managing employee emotions during a crisis event.
Click for more details
Insight on Program Best Practices

Faculty Advisor: Preparing for Crises Beforehand

Questions to ask before the next crisis.
Click for more details
Insight on Program Best Practices

Business Continuity and You - Tips, Tales, and Tools


Business continuity planning identifies potential risks and the resources needed to provide effective assessment, preparedness, response, and recovery from those risks.
Click for more details
Insight on Program Best Practices

Workplace Violence Continuum

This graphic is a process chart, an internal awareness tool and program development tool.
Click for more details