Need 3 seperate reponses to discussion threads totaling 750 words Read below
(Need a response of 250 words and one cited reference)Discussion Question: Consider a proper security budget for your current or past organization. Identify the top three costs associated with your security budget. Now, compare and contrast your top three costs with the top three cost concerns you feel might be selected by your Chief Executive Officer (CEO). As a CEO, you must consider such things as personnel costs, technology, risk management, and perhaps other factors unique to your experience or organization.Working in a large organization that has many different units within the security operation we often are battling for the same type of resources. As the technical Security department leader, I often find myself looking at how we can do more with less. The annual budget consist of two parts operational and capital expenses. Capital dollars are focused on big expenses that can be large numbers. Currently I have two projects that were scheduled for 5 years. Each of those projects was roughly 25 million dollars each spread over 5 years. We are currently upgrading legacy card access and camera systems throughout the enterprise. These dollars required a lot of work and support throughout the organization to secure. Working in health care, the organization is generally more likely to give money to provide direct health care improvements or capital improvements that will increase revenue. Security improvements don’t generally offer these benefits and require support.An operational budget is typically where we see our biggest battles each year. Staffing, supplies, services contracts don’t qualify as capital expenses and need to be justified each year. Staffing typically is the largest portion of the operation budget with service related contracts following closely behind. In the last several years we have been able to increase and upgrade several positions because of the large capital request that have been awarded to improvement and update the services that we provide through-out the organizations. Giving a department 50 million dollars over five years with a limited staff, allowed me the opportunity to increase my talent pool and numbers. This is not common in my industry, especially with the current state of health care. Competition and insurance reimbursement has made medical care a very cost conscious business. Service agreements and managed contracts have become the new target to reduce cost outside of staffing cost. Many organizations have chosen to use contract security and service agreements to drop the staffing budget numbers. Outsourcing has a place in many businesses, but the quality and long term saving can result in reduced services and company satisfaction. Many companies that decided on using outsourcing as a model to combat rising personnel cost, have started to return to tradition models of in house workers.Threat assessment and risk assessment have become a exercise that is repeated regularly (Renfroe,2016) In the past 30 years I have seen the wave of spending and dedication to promote and further security programs which expand and contract based on events that occur with our industry and worldwide. Many businesses and executives are very reactive to current events. Based on risk analysis, the next step in the process is to identify countermeasure upgrades that will lower the various levels of risk (Renfroe, 2016). Mass shootings, hospital shootings and employee concerns because of terror events typically become the driving force for increased budgets. When marketing positions and services that an organization can provide, security has become a program that people really care about in today’s society. Fortunately, my organization has been willing to invest in security and wants to be a leader, not a follower. As one of the top health care systems in the world, they realize that if issues of safety become the headlines in the news, it won’t matter how good we are in providing medical care.References:Renfroe, N. (2016). Threat/Vulnerability Assessments and Risk Analysis. Retrieved from: https://www.wbdg.org/resources/threat-vulnerability-assessments-and-risk-analysis(Need 250 word response with a reference)There are many times that the vision of the security head and the CEO differ tremendously. Gartner conducted a study with multiple CEOs to see what their top 11 priorities were. The number one priority for majority of the CEOs was managing growth of the company. Risk Management is actually the lowest priority on the list at 7%. The 7% was even an increase from previous years results. When looking at a study like that, it seems like it would almost be impossible to share the same top three funding priorities as the CEO. The number one priority for the security budget would be the funding for background investigations. This is not the process for my current job however, many civilian companies pay for background investigations of their employees. My background is Intelligence and Security so, everyone needs to have some type of security clearance even if it is only at the collateral level. If the organization required clearances to conduct daily duties, then it would be my number one priority. I think the CEO wouldn't have an issue with this because this would be an absolute requirement for individuals to be able to do their job. If this wasn't funded, it would be pointless to employee those individuals. The next priority for a facility would be an adequate funding system for the facility. This can get expensive due to the amount of sensors, main ports, guards, training, etc. Additionally, the more buildings included the more expensive it would get. For my current job, we are looking at a new alarm system. The cost for us to put in the new alarm system in 4 buildings is near $500K. This includes all of the necessary equipment and initial training of the members monitoring the system. However, this does not include any type of refresher training or paying for the individuals monitoring the system. The cost of an alarm is not just a lump sum of money many company have laying around, so the process can take quite a while. The reason an alarm would be a high priority is because it is the easiest deterrent from unauthorized entry. It is also the quickest notification and response in the event there is an attempt or successful unauthorized entry. I do think this would be approved by the CEO because it would be utilized for the protection of individuals and company information. Lastly, my third priority would be the proper manning for the security section. This is going to look different within every organization however, it is necessary across the board. At my current installation, the security personnel are spread out across several units and don't really work together as a cohesive team. In my opinion, the security personnel should be working together regardless of which specialty they are. One of the biggest shortfalls we have is that every security position is a single manned spot. When you combine that with the fact that no one is working together, it creates multiple single points of failure. A company needs to have dedicated security personnel to specific areas, like personnel, physical, industrial, etc. Within each of these sections needs to be two to three other people depending on the company size. This alleviates any single points of failure and also provides additional manning for everyday taskers. This could be taken two different ways by the CEO. The CEO could look at the additional manning as a growth opportunity if the ability is there. However, if funding needs to go to other areas this could easily pushed to another funding cycle. The CEO could bring up the argument that as long as there is a specific member in each section and everyone is working as a team, there shouldn't be any single points of failure. I can understand both approaches however, I think additional manning in security is always helpful.Costello, K. (2019). Gartner Survey Reveals that CEO Priorities are Slowly Shifting to Meet Growth Challenges. Retrieved from: https://www.gartner.com/en/newsroom/press-releases/2019-05-08-gartner-survey-reveals-that-ceo-priorities-are-slowlyDodge & Cox. (2017). Investment Risk Management. Retrieved from: https://www.dodgeandcox.com/pdf/white_papers/investment-risk-management.pdfRenfroe, N. (2016). Threat/Vulnerability Assessments and Risk Analysis. Retrieved from: https://www.wbdg.org/resources/threat-vulnerability-assessments-and-risk-analysis(Need 250 word response by question posed by teacher)(My initial post)ntroductionLike any other budget, a security budget has various important costs attached to it. The person in-charge of security within an organization may have a hard time convincing the management and in particular, the CEO (Chief Executive Officer) on their choice of leading security costs. For improved effectiveness and efficiency, the security leader should be in a position to justify his/her choice of security budget. Security Leader’s Main Security Concerns that I have considered As a former security leader in a biotechnology organization, below is my top three costs associated with security in my organizationIntellectual propertyFor a biotechnology organization, intellectual property is by far the most important security detail. This is because the company needs to safeguard such intellectual property by ensuring that they are not stolen by the competition (Rai, 2011). Accordingly, a sizable portion of the security budget would go towards such an arrangement.The other cost concern would be business risk. In other words, take into account the risks posed to the business in terms of loss of competitive advantage and financial losses. Other risks come in the form of loss of brand reputation. There is also the risk that your company could be faced with legal repercussions, such as fines, owing to a security breach.Another cost concern would be securing of the company’s systems data. A lot of companies have made huge investments into the field of biotechnology and if their systems were to be infiltrated through a security lapse, then it means that all their hard work would come to naught (Rai, 2011). For this reason, it is important that they invest heavily in strategies aimed at securing their systems. CEO’s Main Security ConcernsOn the other hand, I feel that the CEO would seek to prioritize different cost concerns from those mentioned above. First, the CEO would be interested in the personnel costs. Examples of personnel include the technology experts who may have to be recruited as the organization gears itself towards addressing the security concerns. Their recruitment will obviously affect the company’s bottom line and by extension, the revenue received (Harrison, 2014). Therefore, the CEO must find a way to balance the cost incurred by recruiting such personnel and the likely savings to be gained by beefing up the security in an organization. Additionally, the CEO would be really interested in risk management as it affects the organization. While it is quite easy to delegate such responsibility, the CEO, alongside other board members have to take full responsibility in defining the risk strategies that an organization ought to take. Consequently, the CEO would be interested in analyzing the risk profile, problem identification, and delegation. More importantly, the CEO will want to ensure that the organization does not incur an extra cost by virtue of its risk management strategies than is necessary.Finally, technology remains a major cost concern for the CEO. In this case, the CEO is acutely aware that adopting the latest technology remains a primal goal for a biotechnology firm. Therefore, he is more likely to channel a sizable portion of the security budget towards adopting of the latest technology. Comparing the Costs From the above three costs by the security leader and three cost concerns y the CEO, it is quite evident that the two differ in terms of their priorities. For the security leader, priority is on safeguarding the systems and intellectual property of the company against potential risks. In contrast, the CEO has to think of the costs incurred by the company in addressing security issues. However, these issues are similar in that both individuals have prioritized on the company’s wellbeing. ConclusionFrom the discussion above, it is quite evident that the CEO of a biotechnology firm is likely to differ with his head of security in terms of how the security budget should be prioritized. Whereas the security leader is likely to favor security costs on such issues as intellectual property and business risk, in contrast, the CEO has to consider the cost of personnel and technology. ReferencesHarrison, R. 2014. Security Leader Insights for Effective Management. Lessons and Strategiesfrom Leading Security Professionals. New York: Elsevier. Rai, A. (2011). Intellectual Property and Biotechnology. Cheltenham, UK: Edward Elgar.(Teacher Posed Question)Interesting write-up. How much, in percentage, do you think your top cost of protecting intellectual property would be?
