eBook - ePub
Security Leader Insights for Risk Management
Lessons and Strategies from Leading Security Professionals
- 60 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Security Leader Insights for Risk Management
Lessons and Strategies from Leading Security Professionals
About this book
How do you, as a busy security executive or manager, stay current with evolving issues, familiarize yourself with the successful practices of your peers, and transfer this information to build a knowledgeable, skilled workforce the times now demand? With Security Leader Insights for Risk Management, a collection of timeless leadership best practices featuring insights from some of the nation's most successful security practitioners, you can.This book can be used as a quick and effective resource to bring your security staff up to speed on security's role in risk management. Instead of re-inventing the wheel when faced with a new challenge, these proven practices and principles will allow you to execute with confidence knowing that your peers have done so with success. Part one looks at the risk assessment and subtopics such as compliance, using risk assessments to increase security's influence, and risk indicator dashboards. Part two discusses risk management topics such as board-level risk, global risk, risk appetite, and enterprise risk management (ERM).Security Leader Insights for Risk Management is a part of Elsevier's Security Executive Council Risk Management Portfolio, a collection of real-world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.- Each chapter can be read in five minutes or less, and is written by or contains insights from experienced security leaders.- Can be used to find illustrations and examples you can use to deal with a relevant issue.- Brings together the diverse experiences of proven security leaders in one easy-to-read resource.
Frequently asked questions
Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
- Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
- Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weāve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere ā even offline. Perfect for commutes or when youāre on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Security Leader Insights for Risk Management by Richard Chase in PDF and/or ePUB format, as well as other popular books in Business & Gestione dell'informazione. We have over one million books available in our catalogue for you to explore.
Information
Part 1
Risk Assessment
Outline
Chapter 1
Looking at Risk from a Different Angle to Achieve Results
Looking at Risk from a Different Angle discusses how looking at a problem from a different perspective can help solve a particularly costly or significant safety threat. Using the example of metal theft, the author explains how traditional antitheft programs focus solely on the scene of the crime and catching the thief, whereas sometimes it can be more effective to target the unscrupulous metal purchasers or other facilitators who buy the stolen metal. More importantly, security professionals should emphasize the reduction of financial loss from their effortsāterms business leaders appreciateārather than the number of crimes or arrests.
Keywords
Antitheft program; business goals; financial impact; metal theft; security problem
By Robert D. Gates, security executive at a Fortune 100 company
Sometimes finding the solution to a security problem is about changing how you look at it. This can be a challenge, particularly if the problem is costly or is a significant safety threat. Our first reaction may be to find the most familiar or simplest way to make an immediate impact on the issue. But true security leadership requires us to stop and think about the problem through the eyes of the business and its goals, and to change our tactics based on what we see. One good example of this is how companies have dealt with the problem of theft of copper and other valuable metals.
Metal theft has proliferated over the years, and with the steady increase in commodity prices, it is expected to continue in frequency, causing significant financial loss. These thefts have a deleterious effect on the quality of life in local communities. Copper water pipes, electrical lines, telecommunication, and other critical infrastructure support the lives and daily activities of everyone. Telecom cable theft results in the degradation of emergency communication circuits, putting individuals, first responders, and whole communities at risk.
Over the years, numerous solutions to this problem have been debated, proposed, and postulated, with varied results. Companies and law enforcement have invested their efforts, but both find themselves competing for diminishing resources. Recognizing that criminals need to dispose of the stolen material, the scrap and recycling industry has advocated proactive antitheft initiatives. Yet metal theft remains a significant problem for critical infrastructure (CI) and key resources (KR) providers, contractors, government, the community at large, and the professional scrap and recycling industry. That could be because of the way the problem is viewed.
Antitheft programs are often focused on the scene of the crime. Catching the bad guy, while well intended, is an expensive, time consuming, and reactive response, lacking sustainable long-term benefits. Insightful industry leaders, along with progressive law enforcement, have shifted from viewing the problem as a property crime to viewing it as a financial crime. After all, metal has value only to the extent that it can be converted to cash.
Therefore, instead of enacting preventive countermeasures and consuming investigative resources solely at the point of the theft, some businesses have found success in shifting scarce resources to the point of the financial exchange: the unscrupulous metal purchasers or facilitators who donāt follow customary industry standards or recommended practices. Recyclers are required to obey applicable ordinances, environmental laws, licensing laws, and other regulatory requirements within their states and local communities.
Augmenting traditional law enforcement and regulatory action, some metal owners have begun pursuing aggressive civil remedies, including threatening independent legal action against those who facilitated the value-exchange by intentionally or negligently disregarding industry standards or by failing to implement reasonable transactional safeguards.
When implemented, the value-exchange model results can be dramatic. In an actual case, a 70 percent decline in financial losses in a one-year period occurred. These are quantifiable financial results, something business leaders and executives will understand and appreciate.
This strategy does require investigative due diligence:
ā¢ The metal owner must know the trusted players in the recycling industry and vice-versa.
ā¢ Positive relationships, including mutual education, must evolve between ethical local recyclers and the metal, CI, and KR owner/operators. The parties need not be adversaries.
ā¢ Theft incidents require promptly focusing on the points of conversion, not the point of thefts.
ā¢ Suspect and informant questioning needs expansion beyond actual thefts, to identifying transactional facilitators.
ā¢ Once evidence of stolen material is located, the exchange facilitator must be held accountable.
In short order, exchanging stolen metals for cash increases in difficultly, and the risk-value equation becomes out of balance, resulting in fewer incidents of theft.
While traditional countermeasures against metal theft should not be abandoned, metal theft is too often viewed solely as a property crime and the resulting efforts ineffective. Rethinking the problem in financial terms opens new and often more effective options and sustainable results: disrupting and removing the market for stolen goods eradicates the incentive for future thefts.
What does this mean for the security professional? Reducing financial lossesānot merely counting crimes or arrestsādefines results and success. Which story facilitates business success, and what does your business leader want to hear?
Chapter 2
Learning from the Past
Risk Management versus Compliance
In Learning from the Past: Risk Management versus Compliance, the author draws a comparison with the Titanic disaster of 1912 as an example of what not to do when thinking about safety and compliance. With the Titanic, its parent company White Star focused on legal compliance rather than mitigation of risk, which ended up costing many passengers and crew their lives. If the Titanic had a security team that acted as true business partners, they likely wouldāve recommended enough lifeboats for everyone on board, an easily implemented risk mitigation tactic.
Keywords
Business partner; compliance; risk management; risk mitigation; strategic planning; Titanic
With insight from Will McCann, director of security training and communications at Capital One
It has been more than 100 years since the tragic sinking of the Titanic. Over the last several years, weāve seen the innumerable ways people try to either memorialize or capitalize on the tragedy, including the re-release of the 1997 movie Titanic in 3D, the production of a commemorative coin, andābelieve it or notāa series of Titanic memorial cruises. Some members of the security community recently chose to remember the event in a more constructive way.
Members of the Next Generation Security Leader (NGSL) LinkedIn Group, which exists to provide participants in the Security Executive Councilās Next Generation Security Leader Development program with an opportunity to discuss course material with their peers and instructors, compared the risk management focus of the Titanicās parent company, White Star, and some organizations today.
Will McCann, director of security training and communications at Capital One, began the thread: āIn [the first session of the NGSL program], I was struck by the critical distinction one of the speakers made between compliance and risk mitigation. I immediately thought of the Titanic, which, though it carried enough lifeboats to comply with the law, had far fewer than necessary to save ev...
Table of contents
- Cover image
- Title page
- Table of Contents
- Copyright
- Introduction
- Part 1: Risk Assessment
- Part 2: Risk Management
- About the Contributing Editor
- About Elsevierās Security Executive Council Risk Management Portfolio