domingo, 24 septiembre 2023
Visitas totales a la web: 88972918

El portal de los profesionales de seguridad y emergencias

Nº 1 del mundo en español en seguridad global

Soluciones de seguridad global

A CSO’s challenge for building a global risk strategy

Mark Freedman is CEO & Founder of Rebel Global Security, a consultancy that helps security executives build strategies that account for geopolitics, nation-state attacks, espionage, terrorism, and other global threats. Mark is a CPP and former State Department strategy advisor.

Without a strategy, security plans are almost impossible to implement, and C-suite engagement can be jeopardized

Global security risks are mounting, creating a nightmare for senior security executives. From cyber threats to terrorism, pandemics to supply chain compromise, companies must contend with a rapidly changing global risk environment. Staying ahead of threats feels more difficult than ever before, and not keeping up can result in your company’s name in the headlines or even personal legal risk.

Traditionally, there have been some go-to options for security leaders interested in mitigating their organization’s global risk exposure. Geopolitical risk subscriptions can keep leaders informed of foreign political developments. Cyber threat intelligence provides IT security teams insight into the latest tactics, techniques, and procedures from the likes of Russia and North Korea. Travel security and business continuity policies aim to keep company personnel safe overseas and minimize business disruptions. The list goes on.

The challenge with these solutions – which the accelerating global threat environment has laid bare – is in their patchwork nature. Each, whether performed in-house or contracted out, is critical to protecting an organization’s assets. But if there is no overarching strategy that integrates these functions, security executives will forever be reacting to contact instead of driving a proactive risk management agenda.

Revisiting the Value of Strategy

“Strategy” has become one of the most meaningless words in the dictionary, used so frequently and in so many ways that it has lost its salience. For some exposition on this, check out the first few pages of Lawrence Freedman’s (no relation) Strategy: A History.

But despite the word’s overuse, strategy is an important business function that makes leaders and organizations more effective and efficient. It is, simply put, “the way in which a business, government, or other organization carefully plans its actions over a period of time to improve its position and achieve what it wants.”

For security executives, who face persistent cost pressures and a highly unstructured risk environment, having a strategy – and doing the daily work of strategy – is especially important. The strategy provides clarity on how money should be spent (and how to ask for more), how team members’ time should be utilized, and how the security function of an organization can be viewed as a value generator rather than a cost center. Without a strategy – or with one that is not implemented – every decision becomes more difficult to make and every ounce of C-suite and board support harder to extract.

Security leaders who want to wake up from the global calamity nightmare, there isn’t an easy fix. Getting serious about strategy is essential.
Security leaders who want to wake up from the global calamity nightmare, there isn’t an easy fix. Getting serious about strategy is essential.

How to “Do” Strategy

Security leaders who want to build a new global risk strategy or improve their existing one should start with a current state assessment. This phase of the process is focused on fact-finding. Many of the key questions are probably easily answered: What assets do we have? What’s most important to protect? What does our current security posture look like?

Others may require more time and effort: What is going on in the global threat environment that is impacting us now or could impact us in the future? How might cyber, physical, insider, and reputational threats intersect, especially as technology evolves in the next few years? What is special or unique about our organization that may catch the interest of foreign adversaries?

Once these questions are answered and a baseline is established, it’s time to envision a target future state. When doing so, it’s important to pin a date to the wall. For example, where do we want our organization to be in 2025? Then you can tangibly answer questions like What business objectives need to be accomplished by that time? And what will the security function look like – what will it have achieved – to facilitate those business objectives even in the face of the global risks identified?

Once the current and future states are established, it becomes possible to set goals and objectives. You will have to answer: To reach our target future state by 2025, where do we need to spend money today? Which of our security programs requires more focus, and which can be reduced? What activities do we need to start this month, and which can be launched in the middle of next year? How frequently do we need to engage with key stakeholders to keep our strategy on track?

The strategy formulation process concludes with drafting, coordination, and implementation. It’s important to codify the strategy on paper, share it early with partner offices for their input, and then monitor strategy implementation regularly. Security executives should be proactive in assigning actions to team members and establishing regular check-ins to track progress and course correct where necessary. Global threats are ever-changing, so while having a strategy is essential, it will need to be tweaked routinely to keep pace with emerging issues.

This process can sound simple, but few organizations do it well and consistently. Putting a strategy in place requires dedicated time and a structured approach. Once it’s time to implement, other work tends to get in the way, rendering the daily work of strategy an afterthought, something to be revisited annually or in response to an enterprise-wide tasking.

But for security leaders who want to wake up from the global calamity nightmare, there isn’t an easy fix. Getting serious about strategy is essential.

Fecha de publicaciónseptiembre 29, 2022

BELT.ES no se hace responsable de las opiniones de los artículos reproducidos en nuestra Revista de Prensa, ni hace necesariamente suyas las opiniones y criterios expresados. La difusión de la información reproducida se realiza sin fines comerciales. 

Listado de Expertos

Recomendado

Profesión militar: Obediencia debida frente a la obligación de disentir

Con ocasión de la realización de estudios en el Instituto Universitario Gutiérrez Mellado tuve la ocasión de leer y analizar una serie de documentos de opinión que trataban en profundidad las diferentes facetas presentes en el campo de las relaciones cívico-militares; temas que , habitualmente, no han estado presentes en los diferentes cursos y actividades formativas en la enseñanza militar, ni, por supuesto, en la civil.

El amor de Macarena Olona por la Guardia Civil empieza por su pareja, un joven oficial condecorado

El padre de su hijo llegó a la Benemérita como militar de carrera y, los que le...

La artillería ‘made in USA’ comprada por Marruecos que deja fuera de juego a España

El país magrebí sigue reforzando sus fuerzas armadas a golpe de talonario, y no lo hace de...

Últimas noticias

Vae Victis!

Así se forjó el mundo a través de estas veinte batallas y derrotas

BOMBEROS FORESTALES SIN MEDIOS ANTE LA CAMPAÑA DE INCENDIOS: «VAMOS CON MIEDO»

Ya ha pasado un año, pero a los bomberos de Zamora todavía les tiembla la voz cuando recuerdan el verano de 2022. La virulencia de las llamas dejó 267.946,58 hectáreas calcinadas a lo largo del territorio en 12 meses, convirtiendo a 2022 en el año con más superficie afectada por el fuego de los últimos diez años, más del doble de la media anual registrada en España según los datos avanzados por el Ministerio para la Transición Ecológica y Reto Demográfico.

CORONACIÓN, «GLOBAL BRITAIN» Y SEGURIDAD (2ª parte)

El doble propósito de esta segunda parte del artículo titulado “Coronación, ‘Global Britain’ y seguridad”, es, por una parte, resaltar el papel fundamental de la seguridad para el normal desarrollo de todo evento de masas, y por otra parte, tratar de describir la planificación, aplicación y evaluación del dispositivo de seguridad realizado para la coronación del rey Carlos III del Reino Unido.

Grandes talentos españoles en el nuevo vídeo de seguridad a bordo de Iberia

Un tripulante de cabina de pasajeros (TCP) situado en un extremo del pasillo del avión, hace una demostración a los pasajeros de distintos elementos de seguridad a bordo mientras por la megafonía se escucha una locución que acompaña sus gestos con instrucciones en dos idiomas. Este pequeño ritual previo al despegue se repite miles de veces cada día en todo el mundo, forma parte ya del imaginario colectivo y es consustancial al hecho de viajar en avión. Ahora, ha sido recreado en clave promocional por un video que acaba de ser presentado en sociedad por Iberia y Turespaña como parte de una campaña impulsada por ambas instituciones para promocionar distintos destinos de nuestro país.

Executive Protection in the Age of Technology: Addressing the Risks

Executive protection (EP), in its original form, is purely physical. Over the years, however, it has evolved dramatically. Today’s understanding that prevention is the primary key has forever changed the traditional approach. As technology advances, the line between physical security and cybersecurity is becoming more blurred, exposing executives to numerous cyber threats that can result in physical vulnerabilities. And the risk of cyber threats can range from hacking of personal devices to surveillance via bugs in homes, vehicles, and offices.