This research report presents the findings of a broad survey of corporate security programs conducted by the Security Executive Council’s Security Leadership Research Institute (SLRI). The researchers' objective was to benchmark the state of the security industry in terms of organizational structure, budget, staff resources, board-level risk concerns, program drivers, and services provided. The level of responsibility each respondent reported for a list of 30 security programs or services is also compared across several organizational categories.
This report can be used by security professionals for introspective analysis of the security team within their organizations, external review of the ways in which other organizations approach risk management, internal justification of security budgets and initiatives, and for performance metrics.
Corporate Security Organizational Structure, Cost of Services and Staffing Benchmark is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
- Summarizes the key findings of a large survey on security programs conducted by the Security Executive Council’s Security Leadership Research Institute (SLRI)
- Breaks down survey responses by organization size, scope of responsibility, industry, and more in easy-to-read charts and tables
- Provides invaluable insight into other organizations’ existing security programs and services
Current security managers and executives who want to learn more about existing security programs at other companies; security practitioners who need data to justify their own security programs and services; and educators who need statistical information to describe security programs to students.
What is a Research Report?
Section I: Organizational Demographics
Section II: Respondent Demographics
Section III: Security Budget
Section IV: Security Employees
Section V: Board-Level Risk Category Breakdown
Section VI: Program Drivers
Section VII: Security Program Governance
Section VIII: Risk Oversight
Section IX: Security Programs
Appendix A. Board-Level Risk Categories
Appendix B. Data Cleansing
About the Authors
About Elsevier’s Security Executive Council Risk Management Portfolio
- No. of pages:
- © Elsevier 2013
- 7th June 2013
- eBook ISBN:
- Paperback ISBN:
Bob Hayes has more than 25 years of experience developing security programs and providing security services for corporations, including eight years as the CSO at Georgia Pacific and nine years as security operations manager at 3M. His security experience spans the manufacturing, distribution, research and development, and consumer products industries as well as national critical infrastructure organizations. Additionally, he has more than 10 years of successful law enforcement and training experience in Florida and Michigan. Bob is a recognized innovator in the security field and was named as one of the “25 Most Influential People in the Security Industry” in 2007 by Security magazine. He is a frequent speaker at key industry events. He is a leading expert on security issues and has been quoted by such major media outlets as the Wall Street Journal and Forbes. Bob is currently the managing director of the Security Executive Council.
Managing Director, Security Executive Council; former CSO, Georgia-Pacific
Greg Kane has held a director role for the Security Executive Council since 2006. In this role he is responsible for mitigating risk as it applies to IT systems and the extensive intellectual property assets contained within. He has been responsible for disaster recovery and business continuity for various organizations for over 20 years. His work experience also includes analysis of security-related regulations, standards, and guidelines in order to encourage efficient and value-added compliance management. Greg leverages his strong skills in research and analysis to write a monthly security newsletter published to an audience of over 10,000 security practitioners. Before joining the Security Executive Council, Greg provided services to multiple businesses from retail to high tech manufacturing. This included more than 10 successful years with a leading international business consulting services provider. Greg's educational background includes an MS degree in computer science and an MBA.
Director of IT and product technology, Security Executive Council
Kathleen Kotwica has a PhD in experimental psychology from DePaul University and has had a career as a researcher and knowledge strategist. Her experience includes positions as information architecture consultant at a New England consulting firm, director of online research at CXO Media (IDG), and research associate at Children's Hospital in Boston. She has authored and edited security industry trade and business articles and has spoken at security-related conferences including CSO Perspectives, SecureWorld Expo, ASIS, and CSCMP. In her current role as EVP and chief knowledge strategist at the Security Executive Council she leads the development and production of Council tools, solutions, and publications. She additionally conducts industry research and analysis to improve security and risk management practices.
Executive vice president and chief knowledge strategist, Security Executive Council and Security Leadership Research Institute