Corporate Security is all of the measures that are needed in order to maintain good order and discipline around the Corporate structure. This could be something as simple as installing cameras to your facility or as painful as ensuring the firewalls and cyber defenses of 5000 laptops spread throughout your organization are good to go. Depending on how big your organization may be you may have multiple managers on the ground supervising and ensuring secure continuity through the globe. Most companies break these managers down by regions…LATAM, North A, Asia. Managers are then broken down into responsibilities..regional, site, directors, etc…If your organization is small, under 500 employees and all under one roof then it can be quite streamline.
A small organization that’s in one place can have one main CSO-Corporate Security Officer that can set policy and systems and then delegate to managers that they be put in place and executed. This one is easier because it’s all under one roof. As the organization is spread out and more structures are in place then he should identify an area manager to manage that site and execute the company’s policies.
If your organization is fractured and you have many areas in play, if the budget permits you should have one dedicated person to the security apparatus that runs that site. All of this depends of course on assets in place, area, personnel count and other factors that drive the amount of security effort that that site requires. Employees need systematic and consistent procedures in place in order to be the most aware and security minded. Enclosed is a brief outline that I use when talking to clients about their programs, it is the minimum of what one should be thinking about within their organization.
Managing the remote worker and their cyber faults is becoming the new headache. Having systems and procedures in place for managing PII – Personal Identifiable Information and just all around cyber slopinnes is going to be key in a post pandemic workplace, some workers will come back to the office but many are going to stay home. What measures can be put in place in order to achieve maximum cyber security for the organization? Here are some clear clear metrics you can track and present to your stakeholders:
- Level of preparedness: How many devices on your network are fully patched and up to date?
- Unidentified devices on internal networks
- Intrusion attempts: How many times have bad actors attempted to gain unauthorized access?
- Security incidents: How many times has an attacker breached your information assets or networks?
- Mean Time to Detect (MTTD): How long do security threats go unnoticed?
- Mean Time to Resolve (MTTR): What is the mean response time for your team to respond to a cyber attack once they are aware of it?
- to see some more metrics go here: https://www.upguard.com/blog/cybersecurity-metrics