Insight on Program Best Practices

The SEC’s perspectives on security program development and enhancement.

Filter by

Insight on Program Best Practices

Security Barometer: Essential Elements of Cybersecurity Awareness Training

Today's environment demands that all individuals play a role in protecting themselves and the organizations they work for. Cybersecurity awareness training is meant to help protect organizations by informing individuals about how they can help prevent being used to cause damage.
Click for more details
Insight on Program Best Practices

Security Optimization - Looking Beyond Traditional Definitions of Convergence

It's long been a common assumption in security that most high-performing and successful security functions operate within a "converged" structure, with corporate and cyber security reporting to a single security or risk executive. But is that assumption true?
Click for more details
Insight on Program Best Practices

Security Optimization - Looking Beyond Traditional Definitions of Convergence

How does cyber security and corporate security collaboration influence security optimization, and is one structure more likely to lead to optimization than another?
Click for more details
Insight on Program Best Practices

The State of Security Convergence

Are preconceptions about the convergence of corporate and cyber security accurate in practice?
Click for more details
Insight on Program Best Practices

Information Protection Playbook

Whether or not Corporate Security has direct responsibility for Information Security, excellence in risk management and information protection relies upon collaboration and coordination between these related functions. Without shared knowledge on strategy, methods, and threats, coordination will be difficult to achieve. The Information Protection Playbook provides a high-level overview that...
Click for more details
Insight on Program Best Practices

Security Barometer Results: Do Cyber and Corporate Security Work Together in Your Organization?

Both cyber/information security and corporate/physical security have roles to play in protecting and securing the organization.
Click for more details
Insight on Program Best Practices

The Mission is Not Cybersecurity- It's Enterprise Security

Security's current business model can deliver on the routine service demands, but our role in meeting these increasingly consequential risks will require a much more inclusive and mature presence.
Click for more details