JUly 2021
The 2021 Security Benchmark Report survey is open and will close on July 31, 2021. How does your security program compare with other companies in your market sector? How do the roles and responsibilities of your security program match up with your peers? What leading trends and management ideas can we learn from The Security Benchmark Report?
The Security Benchmark Report (formerly the Security 500 report) showcases our profession's organizations and serves to examine the maturity of a company’s security program. This report includes a breakdown of the roles and responsibilities of security within the enterprise, along with the biggest challenges and targets for where billions of dollars will be invested to manage enterprise risk and improve security as identified in the annual Security Benchmark Survey.
Pass along the survey to the person in charge of enterprise security within your organization and don't miss the chance to be a part of this valuable, metrics-driven report. Thank you to our Security readers for your editorial support in pursuing this program, now in its 15th year!
Data will be reported in Security's November digital edition and online.
A new report from LogRhythm, “Security and the C-Suite: Making Security Priorities Business Priorities,” based on research conducted by the Ponemon Institute, found that, while most organizations have experienced a cyberattack in the last two years (60%) and spend approximately $38 million on security activities, only 7% of security leaders are reporting to the CEO. Yet, 42% of respondents say the IT security leader should be the person most accountable for preventing or mitigating the consequences of a cyberattack.
Cybersecurity leaders shared they have assumed more accountability and risk, but struggle to achieve the desired security posture, because they are not seen as influential or valued members of their peer group, according to the research. Sixty percent of respondents say the cybersecurity leader should report directly to the CEO, because it would create greater awareness of security issues throughout the organization. However, because the majority of security leaders are three steps away from the CEO, only 37% of respondents say their organization values and effectively leverages the expertise of the cybersecurity leader.
“While security leaders are assuming more responsibility than ever before, they lack the necessary organizational visibility and influence to effectively build and mature their security programs,” said James Carder, Chief Security Officer of LogRhythm. “Comprehensive cybersecurity programs are integral to the success of an organization. This research should spur CEOs to take accountability for safeguarding their organization’s sensitive information, prioritize the security program by elevating the security leader and ensure inroads between security decision-makers, the C-suite and the board.”
For more findings, please visit https://www.securitymagazine.com/articles/95472-of-security-leaders-dont-report-to-ceo
The International Security Foundation (ISF) announced that Secretary Madeleine Albright is the ISF 10th Anniversary Speaker for the ISF Virtual Reception on Wednesday, November 17, 2021, 5 p.m. EST. The global virtual event, hosted by the ISF during OSAC’s virtual Annual Briefing week, celebrates OSAC’s private-public partnership with the OSAC Awards and celebrates the ISF’s 10th anniversary.
Secretary Albright’s remarkable career of service to the United States and ground-breaking experience on the world stage – she was the first female U.S. Secretary of State – will serve as the inspiration and backdrop to her highly anticipated remarks at the global, online event. Secretary Albright is Chair of Albright Stonebridge Group and a professor, author, diplomat and businesswoman who served as the 64th Secretary of State of the United States. She received the Presidential Medal of Freedom, the nation’s highest civilian honor, from President Obama on May 29, 2012.
Learn more about the 2021 ISF Virtual Reception. Registration will open in the fall.
While coronavirus restrictions and an increase in remote work meant that events like an active shooter incident or workplace violence were the least common emergencies in 2020, it’s critical employees understand safety procedures as on-site work makes a return.
However, a third of respondents said they were not aware of or not sure about emergency plans for certain emergency incidents, with most “no/not sure” responses for emergency plans related to active shooter incidents, cyberattacks/system outages and workplace violence, according to Rave Mobile Safety’s 2021 “Workplace Safety and Preparedness Survey.”
Additionally, the survey found workplaces are not practicing for prevalent events like medical emergencies and severe weather. Thirty-seven percent of respondents said that their employer never held safety drills for medical emergencies or exposure to illness and 38% of respondents said they never drilled for severe weather events.
For more on this survey, please visit https://www.securitymagazine.com/articles/95379-survey-finds-many-workers-dont-know-emergency-procedures
JUly 2021 | securitymagazine.com