Preliminary research on corporations where security is “baked into the culture” shows a wide breadth of services to the vast majority of organizations within the corporation. Several great security programs track the “low-volume customers” of security and set goals to make sure they are responding in a manner that adds value. The corporate controller, CIO, tax, real estate, business development, insurance, shareholder services, transportation, engineering and maintenance are often overlooked and under-developed as security customers. The broader the support of a function’s services, the less likely the organization will think they are “optional” when times get tough and resources are short.
Next Month’s Question: What are the characteristics of a good relationship between Corporate Security and Information Security?