Top Security Threats and Management Issues Facing Corporate America
Total Page:16
File Type:pdf, Size:1020Kb
Top Security Threats and Management Issues Facing Corporate America 2016 Survey of Fortune 1000 Companies Introduction......................................................................4 Survey background and overview of results. Top Security Threats ......................................................6 Ranking of the most important security concerns for 2016, and an overview of threats and their rankings since 2000. Threat Rankings Within Industry Sectors ..................8 Top security threats segmented by major industries. Security Management Issues ..................................... 14 Management issues, pre-employment selection processes, and staffing the security organization. Organizational Structure and Strategy .................... 16 Review of security directors’ reporting relationships and interaction of security with other functions. Budget and Funding ..................................................... 16 Discussion of security funding trends and review of factors influencing budget decisions. Methodology and Sample Distribution .................... 17 Survey methodology and profile of respondents by industry and geography. Emerging Trends ................................................19 2 A Message From: Bill Barthelemy CHIEF OPERATING OFFICER – SECURITAS SECURITY SERVICES USA, INC. William Barthelemy, Securitas Security Services USA, Inc. has completed its 2016 “Top Security the Chief Operating Officer of Securitas Security Services USA, Threats and Management Issues Facing Corporate America” survey. Inc., brings nearly 40 years of industry experience to the We are pleased to publish the findings of the survey in this report. organization. With a Criminology degree from Indiana University of PA, he began his career as Over the years, this survey has become an industry 2) Promoting Employee Awareness, and an investigator, moving to the Security Division after two years. standard and is often used by corporate security 3) Implementing Best Practices/Standards/Key He has worked in many field managers in numerous markets for security-related Performance Indicators. An interesting observation capacities including Scheduling, data when making decisions relative to security about these rankings is that Budget/Maximizing Operations Manager, Branch Manager, Regional Operations planning. I want to thank all of our respondents ROI (ranked #1 in 2012 and #3 in 2014) dropped Director and Region President. who participated, generating an excellent response to 8th place in the 2016 survey. He brings further client service rate from security executives in 39 states, Canada focus to the management team, As you will read, the survey results also outline and Mexico. Your input is critical to our report and and he is an active member of the top security threats as reported by security ASIS International, as well as has revealed that the top five security threats for executives in various vertical markets. Additionally, the National Association of 2016 are as follows: Chiefs of Police. it provides information on the reporting relationships 1. Cyber/Communications Security: of those participating in the survey as well as Internet/Intranet Security projected future budgets and funding for security departments. 2. Workplace Violence Prevention/Response We extend a special thanks to the security practi- 3. Active Shooter Threats tioners who contributed editorial commentary for 4. Business Continuity Planning/ this report, namely: Organizational Resilience • Tom Ridge, Chairman, Ridge Global 5. Cyber/Communications Security: • Timothy Williams, CPP, Chief Security Officer, Mobile Security Caterpillar Inc. • Charles Baley, Chief Security Officer, It comes as no surprise that Cyber/Communica- Farmers Group, Inc. tions Security retained its #1 ranking from our • Michael Howard, Chief Security Officer, three previous surveys, and Workplace Violence Microsoft Corporation Prevention/Response rose in ranking to again be • Gail Essen, CPP, PSP, CEO, Professional the #2 threat. What is surprising is that two threats Security Advisors never before listed in our survey—Active Shooter • Richard Avery, CPP, Northeast Region Threats and Cyber/Communications Security: President, Securitas Security Services USA, Inc. Mobile Security—are #3 and #5, respectively. The high ranking of these new threats is undoubt- On behalf of the entire management team at edly an indicator of current events, both in the Securitas USA, I hope you find the information con- U.S. and globally. tained in this report to be of value in assisting your The top security management challenges organization to achieve its security objectives. that were identified are: 1) Security Staffing Effectiveness: Training Effectiveness Methods, Top Security Threats and Management Issues Facing Corporate America 3 A Message From: Don Walker, CPP CHAIRMAN – SECURITAS SECURITY SERVICES USA, INC. Thank you to our customers and friends for Therefore, it may be useful for anyone concerned Don W. Walker, CPP, participating in the 2016 Securitas Top Security with the insider threat to refer to the “Common is Chairman of Securitas Security Services USA, Inc. He is an inter- Threats Survey. Also, thank you to our guest Sense Guide to Mitigating Insider Threats,” nationally recognized expert in the authors who contributed their thoughts regarding published by Carnegie Mellon University’s security field, with an extensive current risks, threats or issues of concern to them Software Engineering Institute. Many of the background in all areas of security. and their organizations. We are grateful for their lessons learned in its case studies validate the The Securitas Group acquired insights regarding strategy, use of technology, need for a comprehensive physical security Pinkerton’s Inc. in 1999. Walker training and operating procedures. As risks change program working in concert with a proactive joined Pinkerton in 1991, when it acquired Business Risks Interna- and new threats emerge, we hope you agree that information security program. Our Pinkerton tional (BRI), a security consulting the survey and the analysis of the data can be very subsidiary and its partners are working closely and investigations company useful tools in assisting organizations develop with our customers to eliminate or mitigate the with global operations. After joining Pinkerton, he held various security prevention, detection, response and/or insider threat by using the data, strategies and management positions, including mitigation strategies and procedures. tools addressed by the guest authors in this Chairman, CEO, President, Execu- survey report. tive Vice President of the Ameri- One of the things that struck me in analyzing cas and Executive Vice President the data is that of the 29 threat categories, of International Operations. approximately one half can be caused or Walker is a co-founder of the ASIS committed by insiders (current or former International CSO Roundtable, a employees or trusted business partners/guests). life member of the International Security Management Association Therefore, it is no surprise that Employee Selec- (ISMA), the Society of Interna- tion/Screening and Rescreening always ranks in tional Business Fellows (SIBF) the top ten threats or issues concerning security and Leadership Nashville. He is a former member of the Board executives. This year, we included “Insider Threats” of Directors of the Ripon Society as part of the overall category. Many of the and a member of the National Law incidents we see in the headlines are categorized Enforcement Museum’s Chief Se- curity Officer Leadership Commit- as workplace violence, cyber-crimes, information tee. He is past president of ASIS compromise, identity theft or major frauds. Many International, former treasurer of those incidents were, in fact, the direct result of of the International Association of Credit Card Investigators and a malicious insider or someone who circumvented a member of the original Bank adequate vetting. Administration Institute Security Committee. He has served on numerous civic task forces, commissions and committees. Walker is a Certified Protec- tion Professional. He received his Bachelor’s degree from the University of Louisville and his Juris Doctorate from the Nashville School of Law. Top Security Threats and Management Issues Facing Corporate America 4 Introduction Securitas Security Services USA, Inc. has completed the 2016 “Top Security Threats and Management Issues Facing Corporate America” survey. This survey has become an industry standard and is often used by corporate security management in a wide range of industry sectors for security-related data when making decisions relative to security planning. Securitas USA surveyed a wide range of security managers and position from 2010-2012, and briefly moving to 3rd place in 2014. directors from Fortune 1000 companies, facilities managers and Active Shooter Threats, a new attribute in 2016, holds 3rd place, others responsible for the safety and security of corporate America’s while Business Continuity Planning, including Organizational Resil- people, property and information. The objective was to identify ience, falls 2 spots to 4th place after a 2nd place ranking in 2014. emerging trends related to perceived security threats, manage- A new breakout of Cyber/Communications Security, Mobile ment challenges, and operational issues. This survey has created Technology, holds 5th place, while another new threat, Crisis a reliable, data-driven tool for security