06 December 2005

Mitigating Operational Risks Around the Globe...

In this month's CSO Online, Todd Datz has an article worth exploring. How to Manage Security Halfway Around the World talks about several key components of global operational risk mitigation:

Different cultures. Unstable political environments. Language barriers. CSOs in global companies face many a challenge as they try to manage security in far-flung locations. One of the biggest challenges? A good number of your security managers reside in functions other than corporate security, so security is often a part-time gig managed by people with part-time security training. There’s no ironclad set of rules or policies that all those employees can follow.

If you are like most organizations doing business on a global basis, you don't have a security department in every office. This is why it is imperative for your local employees to establish local relationships with other businesses or entities who will help protect your vital corporate assets.

Educate Your Global Security Staff
Training is a critical component of any global security program, especially given that many security managers in foreign locations come from nonsecurity functions—such as HR or engineering—and thus wear multiple hats.

It's critical to have a local presence along with a centralized global policy and audit function know as Enterprise Security Risk Management. Together the partnership keeps a great degree of relevance to the issues and cultures in a particular country while simultaneously keeping a consistent and correlated set of standards for legal compliance. International laws for exchange of information, transmitting funds and selling products and services to Specially Designated Nationals (SDN)'s are all important business risks to be managed.

With a growing focus on risk management, The Yankee Group predicts that by 2008, the $165 million Enterprise Security Risk Management market will grow to $650 million as more organizations move to strengthen their global security posture. According to The Yankee Group, most organizations today utilize informal security risk management processes using professional services and homegrown databases that are often time-consuming and ineffective.

No comments:

Post a Comment