editione1.0.0
Updated October 9, 2023Just because it’s an essential hygiene process, it doesn’t mean our ongoing security activities and calendar should be treated as a background role or given to just one person to manage.
important In fact, one of the most important things you can do is ensure that this ongoing program of activities is shared across the wider team. This reduces the key person risk associated with having just one person in charge of your security program and also reinforces that security is part of the entire team’s responsibility.
confusion Remember that making security a team sport doesn’t just lighten your workload—it’s also good for the overall resilience of your company. Shared responsibility means there are many hands helping and many eyes watching for issues. Not only are you more likely to get more done, but you can respond quicker should bad things happen.
How do you make sure this new team approach to security sticks? One of the biggest hurdles is making sure you keep going. There is a common pitfall when a problem is shared between a group of people where nobody takes ownership. If everyone assumes someone else will do it, often nobody will.
This decrease in ownership and momentum can cause your security efforts to fade over time. Let’s take a look at how we can avoid that and keep your team focused and operating at pace.
In a rapidly growing company, change is everywhere. It often feels unnatural that something like a calendar would remain steady and predictable in the beautiful chaos of everyday operations. If we’re honest, sometimes these steady and predictable baseline activities can seem less glamorous or important than the fast-evolving processes that add to our revenue or move us towards growth targets.
As a result, we see a predictable decline in security momentum after the first few months or after a security goal (such as certification or compliance) is achieved. After all, who wants to spend all day doing the housework when someone is knocking down a wall and redesigning the kitchen?
Maintaining security momentum is as much about leadership as it is about operations. The importance of security needs to be communicated regularly from the top and related back to the key business objectives such as growth and profitability. Without this leadership first, those charged with security will lose momentum and often find themselves lacking motivation and a clear understanding of why their actions matter to the business.