Measuring and Communicating Security's Value
A Compendium of Metrics for Enterprise Protection
1st Edition - March 28, 2015
Author: George Campbell
Paperback ISBN: 9780128028414
eBook ISBN: 9780128028438
In corporate security today, while the topic of information technology (IT) security metrics has been extensively covered, there are too few knowledgeable contributions to the significantly larger field of global enterprise protection. Measuring and Communicating Security’s Value addresses this dearth of information by offering a collection of lessons learned and proven approaches to enterprise security management.
Authored by George Campbell, emeritus faculty of the Security Executive Council and former chief security officer of Fidelity Investments, this book can be used in conjunction with Measures and Metrics in Corporate Security, the foundational text for security metrics. This book builds on that foundation and covers the why, what, and how of a security metrics program, risk reporting, insider risk, building influence, business alignment, and much more.
Emphasizes the importance of measuring and delivering actionable results
Includes real world, practical examples that may be considered, applied, and tested across the full scope of the enterprise security mission
Organized to build on a principal theme of having metrics that demonstrate the security department’s value to the corporation
Security officers, security management and executives, business executives with security departments
Chapter 1. Metrics Management—It is Not About the Numbers
Introduction
Metrics Program Assessment
Building Your Program
Great Data, Great Opportunity but Bad Presentation!
What is the State of the Art in Corporate Security Metrics?
Benchmarking Your Metrics with Peers
Finding Value in Security Benchmarking
Benchmarking Security Metrics Programs
Summary
Chapter 2. Quantifying & Communicating on Enterprise Risk
Introduction
Managing Enterprise-Wide Board Risk
Operating the Radar and the Relevance of “What If”
Identifying Exploitable Security Defects in Business Processes
Focus Your Metrics on Avoidable Risk
Measuring the Impact of Background Investigations
Tracking Preventable Risk
Identify and Advertise the Causes of Loss
Measuring Security Awareness
Workplace Violence
Advertising the Failure to Act
Measuring Compliance Risk
When Does an Avoidable Risk Become Inevitable?
Tracking Nuisance and False Alarms
Meters and Dials—Tracking and Monitoring Key Risk Indicators
Creating a Business Unit Scorecard
Tracking Risk in Outsourcing
Business Integrity and Reputational Risk
Risk Personified—The Knowledgeable Insider
Transitions—Moving the Lens from Risk to Performance Indicators
Chapter 3. Measuring Security Program Performance
Introduction
Key Performance Indicators
Communicating Program Performance with Dashboards
Physical Security Is Measurable
Alerting Management to High Probability Risk
Measuring and Managing Your Regional Security Team
Measuring and Managing Your Guard Force Performance and Cost
Measuring for Operational Excellence in Security Services
Measure Risk Exposure with Security Inspections
Measuring and Managing Cost
Cycle Time: An Expected Measure of Performance
Information Security
Metrics are Bidirectional: Failure as a Performance Indicator
Measuring Progress of Annual Plans and Objectives
Is Compliance a Key Risk Indicator or a Key Performance Indicator?
Security Contract Compliance Auditing
Measuring for Integrity: Background Investigations
Measuring Executive Protection Programs
Business Unit Criticality, Resilience, and Continuity Planning
Measuring Security Awareness Programs
The Absence of Awareness is a Key Contributor to Risk
Ability to Influence the Business is a Key Performance Indicator
Security’s Value Proposition: Value Is a Key Performance Indicator
Use Metrics to Demonstrate Security’s Alignment with Business Objectives
A Few Metrics You Should Really Consider
Some Closing Thoughts
No. of pages: 226
Language: English
Published: March 28, 2015
Imprint: Elsevier
Paperback ISBN: 9780128028414
eBook ISBN: 9780128028438
George Campbell
George Campbell served until 2002 as the chief security officer (CSO) at Fidelity Investments, the largest mutual fund company in the United States, with more than $2 trillion in customer assets and 32,500 employees. Under Campbell’s leadership, the global corporate security organization delivered a wide range of proprietary services including information security, disaster recovery planning and crisis management, criminal investigations, fraud prevention, property and executive protection, and proprietary security system design, engineering, and installation. Since leaving Fidelity, Campbell has served as a content expert for the Security Executive Council, of which he is a founding Emeritus Faculty member.
Prior to working at Fidelity Investments, Campbell owned a security and consulting firm, which specialized in risk assessment and security program management. He has also been group vice president at a system engineering firm that supported government security programs at high-threat sites around the world. Early on in his career, Campbell worked in the criminal justice system, and served in various line and senior management positions within federal, state, and local government agencies.
Campbell received his bachelor’s degree in police administration from American University in Washington, D.C. He served on the board of directors of the International Security Management Association (ISMA), and as ISMA’s president in 2003. Campbell is also a long-time member of ASIS International. He is a former member of the National Council on Crime Prevention, the High Technology Crime Investigation Association, and the Association of Certified Fraud Examiners, and is an alumnus of the U.S. State Department’s Overseas Security Advisory Council.