Inflation has been a topic of conversation across boardrooms and security functions over the past months, with U.S. inflation accelerating at levels not seen in the country since the early 1980s.
Although current signs point to the possibility for the U.S. to avoid a recession, inflation will continue to impact organizations across the country. Security leaders should take the opportunity to look at their own programs and determine how best to support safety and business resilience in uncertain times.
Alan Saquella, seasoned corporate security executive and Professor in the College of Business, Security and Intelligence at Embry-Riddle Aeronautical University, supported Cox Communications and its security function during the 2008 recession, which fell during his 16-year career as a security director at the telecommunications firm. He says there’s no time like the present for chief security officers (CSOs) to future-proof their enterprise security programs. “We shouldn’t wait until there’s a recession to start thinking about how are we going to retain our budgets and keep our people, information and brand safe during these times.”
Saquella outlines five steps security leaders can take to support their organizations during inflationary and recessionary periods.
Image courtesy of Saquella
1. Align security to business goals
Saquella says that the first step to securing an organization in times of economic uncertainty involves aligning the security program to the business. “In enterprise security, we’re there to protect the entity, and the entity sells a product or service. We have to make sure our model works with their budget,” he says.
To achieve this, CSOs need to focus on risk prioritization and cost reduction, according to Saquella. Aside from continually looking for ways to reduce security cost and add business value, it’s important for CSOs to “engage with your business partners across the enterprise and determine what risks are most concerning to the organization. Those are the ones you’re going to want to continue to protect.” In cases where shrinking budgets catalyze security cuts, it’s the security executive’s job to spread risk and protect high-priority operations. “In other words, it may be something as simple as raising your deductible insurance and spreading some of that risk to your contractors,” says Saquella.
2. Practice business acumen as a cso
In tandem with aligning security to the business, CSOs should “take advantage of the opportunity to portray an image of a business leader,” says Saquella. “When you are at top of the rung in security, you’re not a security person anymore — you are a business person.”
That leadership transformation requires CSOs to market security and build internal relationships with the C-suite and internal stakeholders. “You should be seen as a business partner,” says Saquella. “This is the time to be highly visible with leaders.” By taking part in operational and financial meetings, security executives can signal to organizational leadership that they’re involved in more than just the safety of the organization, but the continuity of the business as well.
3. Maximize security strategies and technology
Another step for CSOs to consider in times of economic uncertainty is reducing redundancies and maximizing the reach of security strategies and technology. “During expansion times, security has a lot of overlapping systems to duplicate protection. At uncertain economic points, we may need to reduce security system overlap, whether it be on the physical security side, investigations side or even the cyber side,” says Saquella.
Reducing redundancies without compromising safety relies on security executives aligning security with the risk landscape of the business. Times of economic uncertainty can also lead to innovation in the security field, says Saquella. From new ways to leverage security as a value add to leveraging technology to expand the reach of human security officers, security leaders have a number of opportunities for continued safety even when budgets shrink. For example, Saquella points to digital visitor management, where a single security officer monitors robotic or automated check-in stations across an organization, reducing guard cost and maintaining security.
4. Work with security partners
When it comes to security partnerships, times of economic uncertainty present opportunities for security leaders to strengthen internal and external relationships to bolster security and support business resilience. Saquella says that revisiting contracts with vendors can help reduce security technology spending while signaling trust to security systems partners. By leveling and negotiating with vendors, CSOs can continue relationships with organizations throughout recessions. “That creates a lot of trust, if we’re able to come through this recession together,” says Saquella. “They’re going see that the CSO really does treat them as a business partner."
Security executives should also look to partnerships with internal departments to boost enterprise safety. The Human Resources (HR) department presents a number of safety partnership opportunities, especially in times of economic uncertainty. If employee stress levels rise due to the constraints of an inflation or recession, HR teams can help mitigate potential workplace violence by offering counseling and partnering with security to serve as a visible support system, says Saquella.
5. Bolster insider risk programs
Layoffs are an unfortunate reality of economic uncertainty. If employees plan to leave an organization with enterprise intellectual property, it’s important for enterprise security leaders to enact insider risk mitigation protocols. “Start working very closely with your cyber teams to look for those signs that something’s going on inside the company,” recommends Saquella. Monitor for data exfiltration, unusual file access and uncommon network access times. “If you don’t have a policy in place for insider risk, that needs to be developed from a security perspective,” says Saquella. “You have to make sure that information is not downloaded and taken outside — this happens before an employee leaves the organization.”
Times of economic uncertainty present challenges across organizations, from insider risk to elevated physical security threat levels. Faced with these security risks and potentially shrinking budgets, it’s important for security leaders to treat cuts as a business decision, says Saquella. “When you go through and have to make some adjustments, do it with a business mindset. Then, you’ll be seen as a much more important, viable business partner.”