Security as a Business Enabler

To see full published article, click here.

Media Contact

Katie Majkowicz
Digital Marketing & Communications Specialist
Samuel Associates Inc.

(613) 292-3936

km@samuel.associates

See how we support our clients in the defence industry

Learn more

Talent Acquisition and Retention

Security Enabler:

Enhanced security measures, enable sound, evidence-based acquisition choices. Active, vetting protects the health and safety of your staff, while thwarting infiltration. Continuous monitoring provides early warning of incidents, performance issues, accidental and deliberate threat behaviour, intellectual property theft and insider threat detection. Active security controls provide privacy by design and organizational resilience value.

Example:

Pre-hire screening
Indicators of potential adverse behavioural shifts
Infiltration indicators
Resume falsification
Inappropriate or non-professional on-line behaviour
Insider Threat detection
Protection of employee online health, safety, privacy and security by early detection of social media enumeration and pretexting
Inside sales and communications

Technology Enablement and Process Improvement

Security Enabler:

Multi-purpose business systems generate economies of scale and allow for cross-domain analysis. Solving the security challenge enables the business. Sensing, fusing and correlating big data across all business intelligence systems provides contextual narratives through visual analytics and an executive dashboard. Enhanced situational understanding of the business. Real-time evidence based decision support. Optimizes business process flow by examining behavioural norms.

Example:

Integrated business intelligence and security systems
Real time data collection and analysis of network access and activities
Early detection of anomalies
Insider Threat detection
Executive dashboard
Big Data with AI/ML

Business Operations Service Delivery

Security Enabler:

Vulnerability analysis and threat risk assessment establish an asset inventory, make value and impact assessments, determine systemic weaknesses in the business and identify likely exposures from a wide spectrum of threats. A security practice which focuses on risk identification and mitigation will ensure resiliency, continuity and viability of the business by identifying efficacy issues, cost reduction, and cost recovery options.

Example:

Situational Analysis
Threat and Risk Assessments of internal and external challenges
Active, ongoing threat mitigation strategies
Business Continuity planning§ Response and Recovery planning, testing, and execution
Net Revenue and profitability

Competitive Business Intelligence

Security Enabler:

Intelligence operations will identify malicious actors, competitors, partners, suppliers and clients as part of a continuously secured ecosystem. Profit centre Scanning the global market for MARCOM threat intelligence. Supply chain vulnerabilities & Business Intelligence methodologies will deliver unique and valuable insights, not achievable through traditional approaches. Lawful exploitation of data sources and individuals are increasingly a business imperative in a hyper competitive, globalized environment. Synergies can be achieved by amalgamating business intelligence, security systems and big data.

Example:

Upstream security information
Early threat detection
Business situational awareness
Optimized business opportunities
Early warning of competitive shifts
Regulatory and compliance insights
Global information coverage
Integrated information stream
Global Cyber Threat Intelligence
Cyber Threat Hunt and adversary pursuit

Risk Management

Security Enabler:

Integrated risk management framework for multi-order and cross-domain risk compliance audit and scorecard.

Example:

Real time risk assessment data generation
Optimizing risk management and performance indicators
Cross-domain Accountability measurement
Automated audit reports
Converged security and privacy solutions
Active Cyber Defence and automation

Business Capture

Security Enabler:

Profitability, partnerships coopetition, brand protection.

Example:

Intelligence-lead sales, qualitative business case, targeted messaging and marketing, influencers, power mapping.

Innovation and Trends

Security Enabler:

Disruptive technology trending, Over-the-horizon risk and opportunity forecasting.

Example:

Strategic Planning and innovation, capability development, threat fore-sighting.

Brand Marketing and Communications

Security Enabler:

Influence activities, Counter narrative, data leakage, deception, message high jacking, impersonation, etc.

Example:

Measure message resonance and impact, enumerate vulnerable positing, social network and adversaries (identity and narrative). Social engineering protection.

Strategic Business Planning

Security Enabler:

SWOT matching and converting.

Example:

Application of format risk mitigation process.

Business Transformation

Security Enabler:

Break down stovepipes, and silos confidentiality integrity and availability physical, personnel and cyber domains.

Example:

Common attributes of confidentiality, integrity and availability. Code of conduct and business ethics.

Network, Supply Chain Management and Critical Dependencies

Security Enabler:

Interdependency contagion econometrics, geolocation, social semantic and connectivity, contagion of malware, toxic content and toxic assets.

Example:

Counter-shaping, Supply Chain security (Availability, resiliency, reliability), Recovery effectiveness, Partner risk assessment, Supply chain efficiencies.

No items found.

Let's Position your Business for Success

Throughout my career, I have noticed that security is most often sold using Fear, Uncertainty and Doubt (FUD). However, security is viewed by executives as a sunk cost or an insurance policy based upon the balance of probability that something bad may happen. Threat-risk is difficult to quantify and weigh against business risks, which are measured in 💵. As they say, “If it can’t be measured, it can’t be managed”. There is limited persuasive weight to FUD pitches, in the absence of a clear and present direct threat, or stringent and prescriptive regulations which hold corporate officers or public servants personally liable.

Frame Security as a Business Enabler

Rather, I have found that leading with security as a business enabler resonates more effectively with the C-suite. By this I mean, articulating how security can help:

increase sales,
produce valuable business intelligence,
improve competitiveness,
derive process efficiencies,
reduce costs and losses.

If successful, solving for compliance and threats are bonus features to your solution.

An Example in the Canadian Market

A major Canadian Company was subject to substantial capital-at-risk owing to fraud from organized crime, misuse of services by clients, and deliberate cyber attacks by nation states. However, much of this was unseen and off the books. The case for enhanced security was solid but failed to get the attention of C-Suite who were consumed with more obvious business risks like operating costs, quarterly sales, competitive market pressures and pricing regulation.

I got their attention only after I was able to demonstrate, with security instrumentation and concrete examples, where the company could save over a billion dollars, increase sales with market intelligence and recover a hundred million in fraud. An interesting consideration was that security systems were able to detect misconfiguration, bad process flows, financial mismanagement and business inefficiencies on the way to looking for deliberate threats. They also helped management understand a lot more about the business. Similarity, I used business intelligence systems, network health monitoring, call centres and financial monitoring to assist in security investigations.

So here are some ideas for pitching security as a business enabler aimed at specific Strategic Business Objectives: