A Security Barometer poll conducted by the Security Executive Council finds that corporate security and cyber security functions have interacted and cooperated more in the last 12 months than in previous years.
The survey, conducted in collaboration with SEC strategic alliance partner ISC2, identified emerging issues of joint interest as the most frequent drivers for the increase.
Business effective solution
Comments from participants showed that many security leaders view cooperation between functions as critical to organisational success and even survival. However, it doesn’t necessarily entail a structural convergence of the two functions.
A cross-functional committee may produce a more effective solution for the business"
“It is important for security leaders to realise that interaction and cooperation between corporate and cyber security do not require them to exist in the same reporting structure or report to the same person,” says Greg Kane, Senior Analyst of the Security Leadership Research Institute, the research arm of the Security Executive Council. “A cross-functional committee may produce a more effective solution for the business.”
Optimising risk response
“Most people look at the convergence of cyber and corporate security as an organisational structure issue, but the bottom line is, we are all talking about malicious intent, whether it’s delivered in person or digitally,” says Bob Hayes, Managing Director of the Security Executive Council.
“Convergence isn’t about organisational structure. It’s about aligning risk and strategy, collective knowledge and skills, and optimising and coordinating the identification, intervention, response, and remediation of risk.”