What drives us

Nothing in life is risk free but risks can be managed. It’s our job to make everyone and everything safer. HawkSight software uses a sophisticated algorithm that assesses risks based on relevant threat data. This delivers a dynamic risk profile, identifies vulnerabilities, and provides options for mitigation.

We call it security risk insight and we’re global leaders at it.

We believe that this will enable people to live freer lives and enterprises to flourish as risk diminishes. The ability to live and operate safely in an increasingly complex world is our goal.

Book a call
zig-zag-img
left-laptop-image-

Can You Discuss Security Risks With Your Leadership?

Can You Discuss Security Risks With Your Leadership?

In today's dynamic business landscape, security is paramount. Yet, discussions about it are often relegated to technical jargon, divorced from the business's core objectives. For effective security risk management, this narrative must change.

Here's how to foster an insightful discussion with leadership about security risks:

Who Do I Need to Talk To?

To champion security, you must first understand your audience. It is time to get your Starbucks card out to encourage quick 15-minute chats with corporate security executives and managers, including:

  • Human Resources
  • Legal
  • IT
  • Audit
  • Procurement
  • Safety
  • Risk Management
  • Finance

Starting conversations with business leaders will begin to integrate the security function into the fabric of the business rather than a siloed function.

What Needs to be Discussed?

Security Risk in Business Context: Discuss how security risks you have identified might impact essential business assets and objectives of these core executives and managers. Ask them what their function does and how they achieve it. What is crucial to their success, and what keeps them awake at night? Then, ask, how can security help?

Translating Risks into Business Terms: Instead of relying on technical jargon, speak plain language. Offer case studies of where your identified risks have affected similar companies. Learn and utilise tools like Business Impact Analysis to help decision-makers visualise potential consequences and prepare a Cost Benefit Analysis to compare risk treatment options.

Bridging the Physical-Cyber Security Gap

One of the most critical facets of contemporary security risk management is for physical and cyber security to work together. Asset owners often have deep insights into the physical realm, understanding tangible vulnerabilities and access controls. Conversely, the cybersecurity function is entrenched in the digital domain, identifying threats in cyberspace and ensuring data integrity. It's paramount that these two entities come together to discuss and identify security risks together with asset owners. In doing so, they provide a holistic approach to security that seamlessly covers the spectrum from the physical to the digital. This collaborative approach prevents potential oversights and minimises vulnerabilities arising from the ambiguity of where physical security ends and cybersecurity begins. In a world where digital systems control physical assets and physical breaches can compromise digital data, such a comprehensive approach is not just desirable but essential.

How Should It Be Discussed?

Effective communication forms the bedrock of successful security discussions. Bill Philips presented The Power of Partnership in Security Management at a recent Pre-conference seminar at GSX in Dallas. He highlighted key elements of effective communication, namely:

  • Keep communication clear, simple, and relevant.
  • Ensure discussions are short, frequent and respectful.
  • Prioritise active listening. Understanding concerns and feedback from various departments is crucial.
  • Ensure security's role is understood as a protective function and an enabler of business objectives.

Successful partnerships hinge on:

  • Transparent Communication
  • Mutual Commitment
  • Combined Knowledge (from business and security domains)
  • Flexibility and Adaptability
In summary

Security is not merely a function; it's an integral part of business strategy. By aligning security discussions with business objectives and employing a comprehensive approach, as suggested by the security risk assessment document, we can move beyond seeing security as a cost and recognise its role as a value driver in business.

References:
  1. The Influence of Security Risk Management: Understanding Security’s Corporate Sphere of Risk Influence. ASIS 2023
  2. How do professionals assess security risks in practice? An exploratory study. William Harris, Moufida Sado. 2023
  3. Using ESRM to get a Seat at the table. The Power of Partnership In Security Management. Bill Philips. GSX Pre-conference Seminar. 2023
blogs you may also like