Knowledge Corner - Career / Role :: SEC: Strategic Security Advisory Services for CSOs

Security Barometer

What are the top security risks facing organizations today?

Top Downloads

How to Quickly Show Stakeholders the State of the Security Program

Site Risk/Threat Assessment Ranking Template

Case Study: Risk Management and Security Metrics at Boeing

What Makes a Comprehensive Business Continuity Program?

Managers Handbook for Business Security

Take a sneak peek at our new Knowledge Corner resource pages. We’re working on making SEC resources easier for you to find what you need including resources related to security strategic planning, influencing senior management, risk assessment, leadership strategies and security metrics.

Contact us if you want to know the ways we assist security practitioners.

Tools
	Compensation Comparison Created By: SEC and The Foushée Group This tool is designed to give the user a "snapshot" of their current total compensation compared to the market.

	Next Generation Security Leader Graphic Created By: Security Executive Council The six "knowledge streams" shown in this graphic represent the core skills and leadership competencies as represented by Tier 1 Leaders and Faculty necessary for today's leaders.	314KB

	Next Generation Security Leader Program-Options Created By: Security Executive Council This Security Executive Council (SEC) Next Generation Security Leader (NGSL) program was developed to arm security practitioners and other risk mitigation managers with the business leadership acumen necessary to propel them and their organizations to the next level of strategic performance. The NGSL program is the only one that connects best practices from risk theory and business processes through application and value contribution. The SEC has collaborated with the University of South Carolina, Darla Moore School of International Business to its bring cutting edge Security 2020 Curricula to academia, business, government and NGOs. NGSL programming has been successfully delivered with culturally relevant guidance to next generation security leaders across the globe.

	OPaL+ Assessment Executive Summary Created By: Security Executive Council This assessment is based on over ten years of research and trending on successful corporate security leaders and programs. It consists of three main factors that play a role in the success of enhancing or moving programs ahead in any given organization: Organizational readiness, program maturity and leadership status.

	Security Leadership Best Practices Created By: Security Executive Council This group is an extension of the Security Leadership Research Institute (SLRI). It's open to all practitioners in charge of risk management programs. The Security Leadership Best Practices (SLBP) provides access to research and Collective Knowledge™ resources developed by Council staff and faculty (former successful CSOs/CISOs). It also offers an opportunity to participate and in and have input to SLRI projects.

Research & Benchmarks
	Advances and Stalemates in Security Created By: Bob Hayes, Managing Director and Kathleen Kotwica, Ph.D., EVP and Chief Knowledge Strategist, Security Executive Council This SEC report is the result of ongoing research and trending of security-related issues to shed light on some remarkable changes in the security industry in the last seven to ten years, many of which are driven by technology advances and shifts in the business environment.

	Assessment Quiz: Organizational Readiness for Security Created By: By: Security Executive Council The Council has spent years researching this topic and has found that understanding what management thinks Security "is" and "does" is critical. You need to know how management perceives Security in order to educate them on the reality - and to get appropriate buy-in for resource requests or advancement of your goals.

	Issue Exploration: Security Leadership Background Trends Created By: Security Executive Council Based on recent observations, the Council conducted a survey to ascertain whether the backgrounds (or knowledge sets) of security leaders are changing. Download the results and analysis. Interestingly, we found that not only did respondents have military, law or government function experience but also business experience.	Resource is for Tier One Leaders only

	Nine Practices of the Successful Security Leader Created By: The Security Executive Council A series of in-depth practitioner interviews conducted by the Council led to the identification of nine practices that the most successful leaders have in common. Interviews were asked questions related to their top organizational risks, business alignment and drivers, internal influence issues and senior management's view of Security. During the resulting qualitative analysis, it became clear that the interviewees with highly successful, internally recognized security programs had several things in common. TIER 1 LEADERS: Log-in to obtain your copy. OTHER VISITORS: Click the title to order this SEC resource.	Resource is for Tier One Leaders only

	Security Barometer Results - How Much Effort is Spent on Building People Networks for the Benefit of Security Created By: Security Executive Council In our ground breaking research summarized in "The Roadmap for Security Leadership Success" we highlighted 10 important decisions successful leaders make; one of these is the importance of building the right relationships both within and outside the organization. In these Security Barometer results we wanted to investigate how our readers are working on building their network for the benefit of their security programs.

	Security Barometer Results - What Leadership Practice is Most Important to Your Success Created By: Security Executive Council Our community comprises many individuals who are recognized in the industry as highly successful security leaders. Because they have allowed us access to their time and insights, the Security Executive Council was in a unique position to uncover and identify similarities that contribute to strong performance. A series of in-depth interviews led us to identify nine practices that the most successful leaders have in common.

	Security Barometer Results: Are You Fairly Compensated? In this security barometer quick poll we wanted examine to what extent the economy was affecting compensation. However we found something more enlightening in the commentary about why respondents felt the way they did. See how your peers responded here.

	Security Barometer Results: Security Hiring Practices and Security Diversity Created By: Security Executive Council There has been a lot of attention in the news devoted to social media's effects on job recruiting. While few would argue the benefits of using social networks to obtain job candidates this Security Barometer strives to provide more information on how effective social networks are currently performing.

	Security Barometer Results: The Security Executive's Tenure The Security Executive Council set out to gather some information about why leaders in the security and risk mitigation field have been dismissed from their jobs.

	Security Barometer Results: What Business Journals are Security Practitioners Reading? Keeping a close watch on the economic and business trends buffeting your organization is a critical prerequisite for truly understanding how your team supports your organization's goals. In this poll we wanted to get an idea what business journals security practitioners were reading to keep up with those business trends.

	Security Barometer Results: What is Putting Your Continued Employment at Greatest Risk? Overall the results demonstrate that the risks to continued employment that security and risk management executives face are as diverse as the organizations they represent. These risks are largely determined by the state of your organization's perception of the need for security and its unique culture, or what we call "organizational readiness".

	Security Barometer Results: What is the Security Department's Biggest Challenge Created By: Security Executive Council Leading a successful security program is a difficult task. Not only does the risk environment evolve but the organization's managing business leaders also bring challenges to the job.

	Security Barometer Results: Which Educational Background Does Your Management Value More? Created By: Security Executive Council In this Security Barometer poll we wanted to investigate what our community felt their management was looking for in educational background for security and risk mitigation employees.

	Security Title Benchmark: Survey Report Created By: Security Executive Council Based on a Security Executive Council Survey of 415 respondents between September 26 and October 20, 2005.	171KB

	The Successful Security Practitioner’s Top to-Dos Created By: Security Executive Council This document is a concise summary of the key elements you need to know before starting any new role or program. These practices have been identified by the Security Executive Council through our work with some of the leaders of the world’s most sophisticated and accomplished security programs.

	What is the Most Important Characteristic of an Outstanding CSO/CISO? Created By: Security Executive Council It may be no surprise that "relationship building" was selected as the most important characteristic of an outstanding CSO/CISO. Strong relationships assist in many ways from promoting ideas and learning from others to building bonds that become beneficial when crises emerge. Relationship building is crucial to being able to work efficiently within an organization. In his recent Faculty Advisor blog Security Executive Council emeritus faculty member David Quilter pointed out when it comes to gaining knowledge about the business, "...[the] focus has to be on building relationships with your leaders."

Presentation Materials
	Preparing for Next Generation Leader Opportunities Created By: Francis D'Addario, Security Executive Council Emeritus Faculty Preparing for Next Generation Security Leader Opportunities is an excellent resource for the new or existing security leader who wants to prepare him or herself for the future of security. In this 30-minute Proven Practices presentation, narrator Francis D’Addario explains that traditional expectations of the security leader will soon merge with new requirements and measured performance. Organizations have come to expect leadership that is able to respond nimbly, communicate care, and galvanize resources. TIER 1 LEADERS: Proven Practice presentations were created to be guidelines or training tools. This version is an Adobe file but you may contact us at contact@secleader.com for an online version with audio included from the subject matter expert.	Resource is for Tier One Leaders only

	Preparing for Next Generation Security Leader Opportunities Created By: Francis D'Addario, Security Executive Council Emeritus Faculty This presentation discusses the key performance criteria for next generation security leader success. Whether you are new to security risk mitigation, a seasoned practitioner, or want to assist your staff to think more strategically, chances are you can discover some important ideas and techniques in this proven practice presentation and add them to your arsenal.

Books/Guidelines/Manuals
	From One Winning Career to the Next Created By: J. David Quilter, Security Executive Council Faculty This book is for those that desire to transition from a government and/or military service career to the corporate world and become a business focused security leader. Author J. David Quilter's leadership experience spans decades of contributions in both the public and private sectors. This book focuses on the leadership skills the next generation of security leader needs to have a positive impact for any business or organization. For more, listen to a podcast from the author. TIER 1 LEADERS: Log-in to obtain your copy. OTHER VISITORS: Click the title to order this SEC resource.	Resource is for Tier One Leaders only

	Next Generation Security Leadership: Security Related Training Resources v.1 Created By: Security Executive Council As part of its Next-Generation Security Leader Research and Collective Knowledge Project the Council has identified and conducted research on the skill set today’s successful leaders have or have incorporated into their teams. As the Council developed this project, Council staff recognized the importance of providing a list of recommended or vetted resources for training that pertains to each next-generation security leadership skill set. This includes government, organizational knowledge, IT security, executive leadership, business essentials and emerging issue awareness skills. The list of compiled resources includes training courses, certifications, books, online content repositories and degrees available from professional associations, trade associations, for-profit training organizations, and colleges and universities. The majority of these resources are recommendations from Council colleagues, staff and faculty, and are updated as new resources are submitted.	Resource is for Tier One Leaders only

	Security Careers: Defining Jobs, Compensation, Qualifications (Second Edition) Created By: Created By: Jerry Brennan and Steve Walker, Security Executive Council Subject Matter Expert Faculty This newly revised Second Edition is a hands-on tool for the security department; from managers to those looking for their next step in their security career. Use this to document staffing requirements to attract, hire, train, evaluate, and fairly compensate the best security team leaders and staff. The new book includes expanded sections to make the book more useful than ever, incorporating additional insights into the requirements of a good job description and newly updated compensation trend graphs. TIER 1 LEADERS: Log-in to obtain your copy. OTHER VISITORS: Click the title to order this SEC resource.	Resource is for Tier One Leaders only

Articles
	A Brief Introduction to the Value of Corporate Security for Non-Security Professionals Created By: Bob Hayes, Managing Director and Kathleen Kotwica, Ph.D., EVP and Chief Knowledge Strategist, Security Executive Council An explanation of the role and responsibilities of the CSO.

	Addressing the Knowledge Transfer Gap Created By: Bob Hayes, Managing Director and Kathleen Kotwica, Ph.D., EVP and Chief Knowledge Strategist, Security Executive Council This article discusses the seven characteristics of a knowledge-sharing program and the need to have a next generation security leader in place to bridge the transfer gap when an individual leaves the organization.

	After You've Moved Into a New Role in Security Created By: Security Executive Council As a new Security Leader, or an existing one with new responsibilities, how do you engage the business? To be successful, seek the responsibility and authority to align security with the vision and mission of the business. The following are some thoughts on how to approach this.

	Are You Where You Want to Be in Your Security Career? Created By: Security Executive Council In this Security Barometer quick poll we examined whether security practitioners are generally satisfied with the roles they are playing within their organizations.

	Assess Your Skills to Advance Your Career Created By: Security Executive Council Many of us don't engage in self-assessments until job searches force us to. But assessing your competencies has benefits beyond interview prep. It can help you determine what training and experience you can pursue today that might advance your career and your organizational goals now and down the road.

	Becoming a Next Generation Security Leader Created By: Bob Hayes, Managing Director and Kathleen Kotwica, Ph.D., EVP and Chief Knowledge Strategist, Security Executive Council No single skill set or attribute guarantees security leadership success. This article discusses the nine practices of a successful security leader along with some advice to security leaders who aspire to become what we like to call Next Generation Security Leaders - future oriented professionals who work across many domains, run programs that are aligned with their businesses and are influencers in their organizations—should focus both on improving their aptitude and positioning themselves to be in the right place at the right time.

	Coping with Changes to Company Leadership Created By: Bob Hayes, Managing Director and Greg Kane, Director of IT and Product Technology, Security Executive Council A proactive approach to new management is the best recourse; views are easier to change before they become entrenched.

	Don't Delay Development Created By: Dean Correia, Security Executive Council Emeritus Faculty Just like any business objective, you need to develop a plan for your development. Your development means the growth of your team. Realizing the need to develop the next generation of security leaders, the Security Executive Council and its partners led a one-day development program in Seattle on March 4 for the next generation of security leaders. If you want to advance, you have to develop a successor.

	Faculty Advisor: Is Transitioning to Private-Sector Security a Good Option for Me? Created By: J. David Quilter, Security Executive Council Faculty Emeritus Question: I am considering whether a career in corporate security would be a good option. What steps do I need take to determine if there are enough opportunities in security to make this a good decision? Can you offer some advice on a career path for me? Read SEC Faculty member David Quilter's answer to this question.

	Interviewing for Your Core Security Team Created By: Security Executive Council Advice on hiring including questions that can help you decide if a candidate has the skills for the job.

	Key Success Factors I Wish I Had Known: Transitioning from the Public to Private Sector Created By: J. David Quilter SEC subject matter expert J. David Quilter discusses what he wishes he'd known before he first transitioned to the private sector from a public-sector security career, including the cultural and structural differences, how to translate to corporate speak, and how to be a lifelong learner.

	Preparing Today's Security Leaders for the Threats of Tomorrow At the Great Conversation conference in Seattle in April, Security InfoWatch had an opportunity to sit down with Francis D’Addario, the former vice president of partner and asset protection for Starbucks and an emeritus faculty member for the Security Executive Council (SEC). D’Addario leads the SEC’s Next Generation Security Leader program, which is designed to provide security executives with the business skills necessary to survive in today’s corporate landscape. For years, many businesses have seen the security department as a cost center rather than a contributor to the organization’s bottom line, so it is crucial for today’s security leaders to show how they’re delivering value to the business.	213KB

	Security Training Resources Created By: Security Executive Council The Council conducted research on the skill set today's successful leaders have or have incorporated into their teams. This includes government skills, organizational knowledge, IT security, executive leadership skills, business essentials and emerging issue awareness. Next we gathered from Tier 1 Security Leaders, staff and faculty, recommendations for training courses, certifications, books, online content repositories and degrees available from professional associations, trade associations, for-profit training organizations, and colleges and universities. This document is the result of this effort to date. Send your training recommendations to contact@secleader.com	Resource is for Tier One Leaders only

	Things I Learned When Starting a New Security Leadership Role Created By: Bob Hayes, Managing Director, Security Executive Council When you're interviewing for a position, you're so busy getting the job that you don't ask the right questions about what the job actually is. My expectations more often than not were beyond the reality of what I was about to walk into. Here are the questions I wish I had asked up front.

	Twelve Indicators of Successful Security Programs Created By: Security Executive Council Over the last 15 years, the SEC has helped hundreds of security leaders guide their programs to the next level. Each organization's journey to security evolution is unique, but success often shares a series of common indicators.

	Wanted: A New Type of Security Leader Created By: Bob Hayes, Kathleen Kotwica and Francis D'Addario Today's chief security officers need business knowledge to take their organizations to the next level of risk management. Having that knowledge with better help them articulate the value of their security programs to an organization's bottom line, prove that their programs are cost-neutral, and help them establish a common and shared language for defining risk and mitigation and articulating the success or failure points for any given initiative

	Why the CSO Is the Hardest Job in the Company - Part I Created By: Security Executive Council Being a Chief Security Officer has never been easy, but in recent years external and organizational changes have combined to make the CSO role much more complex.

	Why the CSO Is the Hardest Job in the Company - Part II Created By: Security Executive Council In the first article in this series, we discussed the reasons the CSO has become one of corporate America's most complex jobs. But the SEC knows many CSOs who have built successful programs despite the challenges. Here are a few things we've learned from their experiences.

Forums
	Faculty Advisor: A Successful Career Path Consists of Many Varied Decisions and Choices Created By: Mark Lex, Security Executive Council Emeritus Faculty Q. I'm newer to corporate security. Can you give me some tips that might eventually help me to make it to the top spot? Read SEC Emeritus Faculty, Mark Lex's, response to this question.

	Faculty Advisor: Career Change Assessment Created By: Bob Hayes, Managing Director, Security Executive Council I am considering making a career change and have two opportunities in addition to my current position. I'm at a stalemate trying to decide which way to proceed. Do you have any tips on how to evaluate potential opportunities? See how Bob Hayes, SEC Managing Director, responds to this question.

	Faculty Advisor: Developing Today’s Next Generation Security Leaders (NGSL) Created By: Dean Correia, Francis D'Addario, Sean Dettloff; Security Executive Council Emeritus Faculty Our SEC Faculty Advisor panel answers this question: With all the specialty knowledge that certain positions are requiring, whether for new physical security systems, GSOC, and even investigations, how do we develop leaders that can lead these services? How do we best attract, find, develop, and retain the kind of people that are needed for an effective security team?

	Faculty Advisor: Getting to Know the New Boss Created By: Bob Hayes, Managing Director, Security Executive Council It has been announced that security will report to a new boss within a month. Although this is an internal promotion, I have not worked closely with this person in the past. My relationship with my previous boss was excellent. Can you recommend some successful strategies for getting my new executive management to be supportive of the security function? Read Security Executive Council Managing Director, Bob Hayes' answer to this question.

	Faculty Advisor: Higher Education for the Next Generation Security Leader Created By: Dan Rattner, Security Executive Council Emeritus Faculty I have read the Council’s series of articles in the Knowledge Corner on the Next Generation Security Leader. The article about acquiring security training and knowledge, including academic degrees, prompted a question in my mind. I understand that experience in core programs is essential; however, I was wondering if you could give some insight into how higher education is addressing the needs of next generation security leaders.

	Faculty Advisor: How to Really Connect with Your Business Leaders Created By: J. David Quilter, Security Executive Council Emeritus Faculty As Chief Security Officer I have been asked by business leaders, What does “security” really do for our business? I understand that the way I think about and respond to this question will impact the success of my security program and, most importantly, the success of the business. So, what do I say when these kinds of questions are asked? Read Security Executive Council Emeritus Faculty member, David Quilter's, response to this question. David is the author of "From One Winning Career to the Next," which is available for purchase at the Security Executive Council's Leadership Store.

	Faculty Advisor: International Salaries for Security Professionals Created By: Steve Walker, Subject Matter Expert Faculty, Security Executive Council Where can I get info on international pay salaries for security professionals? I have the Council's compensation book and the ASIS salary survey information but they cover North America. Read Subject Matter Expert Faculty, Steve Walker's, answer to this question.

	Faculty Advisor: Leaders Don’t Ask Permission to Lead or to Manage a Budget – They Align and Act Created By: Francis D How can I influentially build, defend, and or proactively manage my budget; ideally free of counterproductive interference? Read Francis D'Addario's answer to this question.

	Faculty Advisor: Making the Necessary Risk Mitigation Strategy Adjustments in Your New Job Created By: Richard Lefler,Security Executive Council Emeritus Faculty I recently accepted a new job as CSO at a company that is in the same sector as where I was previously. Is it safe to expect that since my new job is within the same sector I will be able to employ the same risk mitigation tactics and strategies as before? Read SEC Emeritus Faculty, Dick Lefler's, answer to this question.

	Faculty Advisor: Preparing for Security Career Opportunities in the Private Sector Created By: J. David Quilter, Security Executive Council Faculty Emeritus I am ex-military. I would really like to get into private security, specifically in the area of protection more than anything else. I need to be pointed in the right direction so that I can actually apply the skills I have gained and know something about.

	Faculty Advisor: Security’s Success is About the Business Created By: J. David Quilter, Security Executive Council Emeritus Faculty In today’s down-sized, right-sized and outsourced business operations, I understand as the security director that true business acumen is very important to success as a security leader. How can I make the security department better known to the rest of the organization? Read SEC Emeritus Faculty member, David Quilter's answer to this question.

	Faculty Advisor: Take Care of Your Staff and They’ll Take Care of Your Organization Created By: Dean Correia, Security Executive Council Emeritus Faculty Is there a correlation between establishing positive relationships with employees and the ability to build a strong security organization? See how Security Executive Council Emeritus Faculty member, Dean Correia, responded to this question.

	Faculty Advisor: The CSO as a Business Leader Created By: Kathleen Kotwica, Ph.D., EVP and Chief Knowledge Strategist, Security Executive Council Can you provide me some keys to demonstrate that the CSO is (needs to be) a business leader? Read Kathleen Kotwica's, answer to this question.

	Faculty Advisor: The Next Generation Security Leader Created By: Francis D I’ve been at a manager level for a while now and I want to get to the next level. My boss is great but she is busy and doesn’t have time to coach me. What’s my best plan of attack? Read Security Executive Council Emeritus Faculty member, Francis D'Addario's answer to this question.

	Faculty Advisor: Who Should Security Executives Report To? Created By: The Security Executive Council Various companies approach the considerations in hiring a Chief Security Officer differently. This blog depicts a fictitious scenario where top management is considering upgrading their security program. It then asks the reader for feedback after reviewing the conversation.

	Knowledge Exchange: Succession Planning Created By: Security Executive Council Tier 1 Security Leaders and faculty shared experiences and advice on "leaving the knowledge behind" in preparation for moving on (e.g., influencing factors, program type, planning steps, human expectations, optimum circumstances, cost and an outline for in-house succession).	Resource is for Tier One Leaders only

	Next Generation Security Leader Program Created By: Security Executive Council The Security Executive Council in partnership with the University of South Carolina Darla Moore School of Business have developed a Next Generation Security Leader Development Program. It consists of six 90-minute seminars. This program features an exceptional panel of security/risk mitigation leaders. Current and future risk management leaders benefit from this affordable and eco-friendly six-month virtual long-distance course exploring cross-functional, unified risk oversight as well as return-on-investment capable approaches for board-level risk mitigation and organizational resilience. Sessions include: Aligning Board Level Risk and Business Unit Mitigation Strategies, Communicating All-hazards Risk, Mitigation and Performance Metrics, Next Generation Organizational Leadership: Running Security as a Business, Influencing Community All-Hazard Preparedness and Resilience, Adding Business Value with Mission Assurance and P&L Performance, Managing Information Protection, Breaches and Situational Intelligence. Click here to go to the Next Generation Security Leader blog.

	Security State of the Industry November 2015 Briefing - Winning Stories and Unique Strategies in Managing Your Career Path Created By: Security Executive Council This Security State of the Industry session contains presentations by SEC staff, faculty and Tier 1 Leaders™ sharing research, lessons learned and successful practices and strategies for managing your career path.

Multimedia
	2013 Next Generation Security Leader Program Created By: Security Executive Council Francis D'Addario, SEC Emeritus Faculty member and former Starbucks CSO, discusses at the Great Conversation in Seattle how the SEC's Next Generation Leadership program is addressing current and future issues and challenges facing security executives.

	Developing Next Generation Security Leaders Created By: Francis D'Addario, Security Executive Council Emeritus Faculty Former Starbucks CSO and Security Executive Council Emeritus Faculty Member Francis D’Addario discusses the SEC’s Next Generation Security Leader Program and the characteristics up and coming security executives need to have to be successful in today’s career landscape. (Recorded at The Great Conversation in Seattle, Wash., March 4 &5, 2013)

	Hallmarks of Security Leadership Created By: George Campbell, Security Executive Council Emeritus Faculty George Campbell, emeritus faculty member of the Security Executive Council, discusses the traits he looks for in a security leader, as well as how metrics can be used by security practitioners to get buy-in from the organization. (Recorded at The Great Conversation in Seattle, Wash., March 4 &5, 2013)

	Key Success Factors I Wish I Had Known: Starting a New Position or New Responsibility Created By: Bob Hayes, Managing Director, SEC SEC Managing Director Bob Hayes discusses factors that will help security practitioners succeed in a new position, including running security like a business, alignment with the organization, and knowing the service delivery model.

	Often Missed Key Strategies That Can Undermine Your Program and Career Created By: Bob Hayes, Managing Director, SEC Leveraging 15 years of research and trending the SEC has found six factors that play a key role in the success of security programs in any organization.

	Shaping the Future of Security Leadership Created By: Bob Hayes, Managing Director, Security Executive Council Bob Hayes, founder and managing director of the Security Executive Council, discusses the genesis of the organization's Next Generation Security Leader program and how it will provide a quality educational foundation for future security executives. (Recorded at The Great Conversation in Seattle, Wash., March 4 &5, 2013)