Solutions Snapshot by ProQuest


The greater the risk exposure in any given area, generally the more funds will be allocated to mitigate those risks, or the more security will cost financially. However, company executives may choose to accept certain risks and not to allocate funds to mitigate them.

More Info
									Solutions Snapshot

 Richard Lefler, former CSO,                 Bob Hayes, Managing                    Michael Philips, Director           Denise Reubens, Sr. Director
 American Express, Dean of               Director, Security Executive             of Corporate Security, Bose           Global Security, Microsoft
 Faculty, Security Executive                        Council                              Corporation                          Corporation

                                   How do you define the cost of security?
     The traditional measurement            During any persuasive execu-            How to define the cost of             The cost of security is a direct
of security costs includes operat-      tive presentation on security pro-      security will differ for each com-    correlation to the ability to suc-
ing costs, capital investments that     gramming or initiatives, you can        pany, depending on factors such       cessfully identify, analyze and
measure what a company spends           count on being asked how your           as the company culture and exec-      mitigate potential risks to your
to protect its employees, brand         idea or proposal compares to oth-       utive management’s perception         company. The business should
reputation and often, customer          ers in the industry and how the         of how increased or decreased         prioritize risks by impact and
relationships.                          cost compares to your peers’.           security will mitigate risk.          likelihood and the opportunities
     Businesspeople are trained to      For decades, this has been prob-            The greater the risk exposure     to reduce, control and/or monitor
analyze the return that a given         lematic because of a total lack of      in any given area, generally the      these risks.
investment will yield, and often,       common industry benchmarks and          more funds will be allocated to           Robust planning with ongo-
if that investment does not meet        information sharing. There is no        mitigate those risks, or the more     ing risk assessment, gap analysis,
the company “hurdle rate,” the          area in which this lack of shared       security will cost financially.       intelligence, exercising, tabletop
investment is not made.                 definition is more evident than in      However, company executives           training and program enhance-
     Measuring security returns         determining the cost of security.       may choose to accept certain          ments will increase your capabili-
is difficult for businesspeople             To complicate matters even          risks and not to allocate funds to    ties and effectiveness to respond,
because security programs  pre-         further, there has never been more      mitigate them.                        stabilize and recover during and
vent problems and financial loss-       intense interest on management’s            Periodic risk assessments         after the tim
To top