Distributed Security for Fun and Profit…

Global organizations often have challenges creating a comprehensive security program.  Too much central control and the regions either feel ignored, so chafe at security cost allocations and pay only nominal attention to the program, causing great risk to the overall organization.  Or they fill the vacuum by creating their own shadow program that often eclipses the corporate security message in their locale.  Too little centralization and the regional initiatives tend to focus too locally and miss the more global risks. 

Organizations do not help their cause by failing to effectively articulate their security strategy.  I have been part of several organizations that have what I consider an “accordion” strategy.  Central security leadership during flush times with more responsibilities being pushed out to the regions when budgets get tight, which in turn get pulled back to corporate as issues mount, particularly on a global basis, and regions prove unable to manage the costs of comprehensive, integrated security solutions.

Post a Comment

Your email is never published nor shared. Required fields are marked *