The future of the security manager

September 2012 News & Events

Two experts offer their view of the future role of security managers.

At the recent ASIS conference in Cape Town, Hi-Tech Security Solutions spoke to two of the conference speakers about how they perceived the changing role of the security manager.

Eduard Emde (CPP), keynote speaker and president of ASIS International, believes that security only exists because business needs it. By association, the security manager is often a grudge ‘purchase’ and he or she therefore needs to change with the constant changes taking place within the complex business environment.

Eduard Emde
Eduard Emde

“The business world is volatile and ambiguous, and technology is constantly changing. The risks and risk levels are also constantly in flux. IT and cyber technology in particular have become very important and the question its popularity poses is: ‘How do we deal with these circumstances and how do we equip our teams to best deal with the current and future challenges in a proactive way?’ ” says Emde.

He says that with the advent of cyber risk, one sees attacks on SCADA (supervisory control and data acquisition) systems and accelerated cyber warfare. “Businesses are increasingly asking the security manager how he or she can halt the real and potential onslaught of attacks on sensitive IT systems.”

Benedict Weaver (CPP), managing partner at Zero Foundation, believes that the role of the security manager has remained relatively static over the past four decades. “In essence, this role encompassed managing a protection strategy for property, people, resources and reputation. However, the business environment is changing and is currently strongly affected by five global forces. These are demographics, natural resource demand, globalisation, climate change and technology.

Benedict Weaver
Benedict Weaver

“Smart businesses therefore need to develop a corporate security department that will allow them to adapt to the changing global environment, as well as provide a competitive advantage.”

Weaver highlighted the massive population boom in the past 212 years. “This explosion in the number of humans inhabiting our planet means that more businesses are required to service the needs of this larger consumer base. There is already a war on talent and skills to cater for this growing customer base. As a result, the role of the security manager has become critical and should now be a part of global corporate risk management.

“As the demand for natural resources increases, businesses will come under greater pressure to perform and secure market share. This will, of necessity affect the security of the businesses competing against one another. Likewise, climate change impacts on those companies that are not compliant with green legislation. This results in a higher risk profile, which then becomes a function of the risk/security manager,” says Weaver.

Increasing globalisation will see governments deregulating industry to encourage direct foreign investment. “By moving the wealth around, shareholders and stakeholders will be presented with different responsibilities in terms of compliance with country-specific laws. This will result in greater risk exposure.

“With the rapid development of technology, the demands on intellectual property will increase. The protection of this intellectual property will become a function of security and risk management. However, since data can be delivered from anywhere in the world, technology also creates opportunities to manage this risk.”

Keep it simple

Emde says that it is advisable to keep things simple, yet smart. “The security or risk manager is primarily in place to serve the business efficiently and effectively, so he should not be overburdened with a plethora of solutions. The management and technical systems should be designed with a clear goal in mind and allow the security manager to understand the process. Approaches also need to be future proof and provide the business with cost effectiveness.”

As businesses become more hi-tech, the role of the security manager often seems to overlap with that of the IT and information security functions. “The degree of overlap depends very much on each individual business. In all instances, however, both parties need to respect one another’s expertise, open the lines of communication and consider the possibility of pooling resources and knowledge to provide a comprehensive solution.”

Emde insists that there will remain a role for a separate security function within companies, but that the operational aspects may in the future fall under the IT umbrella and other functions. “Businesses require internal expertise at a very high level. The risk manager will need to have connections within the business environment and have a larger degree of technological and business expertise than previously required.

“However, the functions that will remain within the parameters of the security manager’s portfolio include incident monitoring and response, together with investigation of these incidents or events. He or she will also need to work together with others within the enterprise to shape proactive, intelligence-led security,” adds Emde.

“With the increasing focus on corporate mobile communications, the security manager is being forced to perform out of his comfort zone. Data integrity and information assurance are now vital to the reputation of companies. This is where we will continue to see a convergence between the functionality of IT and security,” says Weaver.

He says that it should not be the responsibility of the security or risk department to monitor data on the cloud or on servers. “They typically do not have the necessary skills to undertake this function and should rather be involved in the security of communications within the organisation. This responsibility includes technical surveillance countermeasures, RF jamming and encryption systems for high-security communications.”

Emde believes that the risk/security manager will have to increase their understanding of the business in terms of its profitability drivers and markets. “In addition, it will be expected that security/risk managers will have a comprehensive understanding of relevant security standards as they apply to the business. This will be complemented by the relevant procedures applicable to human resources and legal issues pertaining to the business environment.

“Increasingly, the security/risk manager will fulfil a consulting and advisory role within the business. This will entail supporting the business in decision-taking and finding sustainable ways of reducing risks. Security, crisis and continuity management must now fit within the overall risk management strategy of an organisation as well as within the business strategies,” Emde says.

With regard to the instilling of basic security standards in employees, Emde feels that the security/risk manager will play a subtle, but strategic, role. “However, it is crucial that management participates in the transference and adoption of these basic skills and knowledge for the overall benefit of the business.”

Adapt or die

“It is common knowledge that many of the people previously appointed as security managers were drawn from the military or police forces. More recently, there has been a strategic move away from this trend. The new profile fulfilled by the security or risk manager requires a keen interest in organisational strategies in order to encapsulate the demands of the increasingly competitive business environment. Interestingly, more women, with their inherent attention to detail, are becoming involved in driving the benefits of a corporate security department,” says Weaver.

He is adamant that the traditional security manager needs to mimic the company’s philosophies and intent if he wishes to maintain his own survival and growth. “In essence, security managers will become responsible for re-engineering their own job profile. There needs to be a move away from security being viewed as a cost centre in the company to becoming a profit centre in the business. This can be achieved by aligning security with the company’s business objectives and finding creative ways of charging fees for services rendered, that is, vetting, risk assessments, technical countermeasures and competitive intelligence.”



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Fire safety in commercial kitchens
Technews Publishing Kestrel Distribution Products & Solutions Fire & Safety Commercial (Industry)
Fire safety in commercial kitchens is becoming increasingly critical. Defender is Europe’s first EN 17446:2021-approved kitchen hood fire suppression system and offers the indispensable safety measures required.

Read more...
Linear heat detection (LHD) from Technoswitch
Technews Publishing Technoswitch Fire Detection & Suppression Products & Solutions Fire & Safety
SecuriHeat LHD by Securiton prevails where conventional fire detectors reach their physical limits. It copes well with extreme temperatures and constantly high atmospheric humidity, while precise measurements are also possible when corrosive gases and contaminated air are present.

Read more...
From the editor's desk: A burning issue
Technews Publishing News & Events
      Welcome to the first publication from SMART Security Solutions devoted to the fire industry. In the BMI report, sponsored by the Elvey Group, released earlier this year, fire was the smallest component ...

Read more...
Effective fire and smoke detection using cameras
Hikvision South Africa XtraVision SMART Security Solutions Technews Publishing Dahua Technology South Africa Fire & Safety
Video analytics, spurred on by advances in image processing, enhanced fire and smoke detection capabilities while significantly reducing false alarms in surveillance cameras. Today, AI has further improved accuracy and minimised false alarms.

Read more...
Surveillance on the perimeter
Axis Communications SA Hikvision South Africa Technews Publishing Editor's Choice Perimeter Security, Alarms & Intruder Detection
Cameras have long been a feature in perimeter security, with varying reports of success and failure, often dependent on the cameras’ planning, installation and configuration, as well as their integration with other perimeter solutions and centralised management platforms.

Read more...
Onyyx wireless alarm
Technews Publishing Editor's Choice Smart Home Automation
IDS has introduced Onyyx, a wireless alarm system engineered to provide complete system control via the Onyyx app or keyring, as well as seamless installation.

Read more...
Visual verification raises the security game
Technews Publishing Inhep Electronics Holdings Videofied SA Editor's Choice Perimeter Security, Alarms & Intruder Detection
Incorporating alarm signals with live surveillance footage, visual verification enables a human observer in a control room (onsite or offsite) to gain a clear understanding of the situation, thereby facilitating informed decision-making.

Read more...
From the editor's desk: Keeping them out, keeping you aware
News & Events
Alarm, intrusion, and perimeter protection have been part and parcel of South African society for years. Many years ago, a home alarm consisted of wires covering one’s windows, which caused an alarm ...

Read more...
Intrusion Selection Guide 2024
Technews Publishing Perimeter Security, Alarms & Intruder Detection
The Intrusion Selection Guide 2024 includes the latest products and solutions aimed at small, medium, and large operations that require reliable, easy-to-install, set-up, and use intruder detection technology that reduces false alarms but never misses an actual event.

Read more...