The Security Executive Council’s Security Leadership Research Institute (SLRI) has released highlights of its study on the state of security convergence, conducted jointly with Kennesaw State University’s Coles College of Business.
The research sought to determine the veracity of a common assumption in the security field: that most high-performing and successful security functions operate within a “converged” structure, with corporate and cyber security reporting to a single security or risk executive. It more broadly sought to gauge the state of optimisation that can be had with stronger collaboration between corporate and cyber security.
SLRI and Kennesaw State University
SLRI and Kennesaw State University will now move to phase 2 of this project which will dive deeper into issues
Among other findings, the study determined that security collaborative optimisation (SCO) can be found not only in organisations where cyber and corporate security are structurally merged but in organisations where the two functions are separate, with separate leaders and reporting lines. In all SCO structures, good relationships, strong communication, and transparency were key factors in collaborative success.
The study further found that most structural shifts towards greater collaboration resulted from unexpected organisational changes, including mergers and negative security events. The released findings represent highlights of the full research report, which is currently only available to study participants.
The SLRI and Kennesaw State University will now move to phase 2 of this project, which will dive deeper into issues such as joint metrics, staff group structures, cost, and whether the industry of the participant company impacts SCO.