Lessons security professionals learned in 2021

The Security editorial team highlights their favorite articles released in 2021. In an ever-shifting industry, this year’s top articles covered themes from finding and retaining security talent and mitigating misinformation- and disinformation to fostering meaningful, long-term community values of diversity and inclusion in security.

As we enter 2022, review the lessons security professionals learned in the past year and incorporate them into today’s security strategies.

1. Security Leadership: 2021 Women in Security: The women that make up the security industry are an exceptional group. This year, Security magazine chose 13 enterprise security leaders to give you a glimpse into the backgrounds, challenges, perspectives, and accomplishments of a few of the women that continue to change the security industry.
2. The 2021 Security Benchmark Report: Budgets, Roles, Trends, and Leadership Among All Sectors: The 2021 Security Benchmark Report aims to allow security programs to measure security teams and organizations versus their peers, both among the industry as a whole, as well as among individual sectors. The report tracks security budgets, roles, responsibilities, security titles, training, technology spending, and much more.
3. Finding, Retaining and Developing Top-Quality Security Talent: Hear Jeff Hauk, Director of Public Safety at Memorial Healthcare talk about challenges with staffing, retaining, and training top-quality security talent in this on-demand webinar. A timely topic affecting all security professionals in all sectors, Hauk discusses the importance of hiring for attitude over skills, as well as inspiring rather than motivating security staff in this valuable presentation.
4. Countering Disinformation: An Essential New Role for CSOs: Adversarial social media activity ranked as the fifth most significant threat to organizations in Kroll’s Global Fraud and Risk Report 2019-2020, tied with internal fraud and coming in above IP theft, counterfeiting, and corruption. As disinformation persists, security leaders, risk management professionals, and corporations must address these deceptions in a more informed and systematic way. But first, they need to recognize, acknowledge and heed the once benign marketplace ‘chatter.’
5. Creating a Diverse and Inclusive Workplace Within Security: Many successful companies regard diversity and inclusion as a competitive advantage and an enabler of growth with research backing this up — the Delivering through Diversity study, for example, found that gender-diverse organizations are 24% more likely to financially outperform less diverse companies, while 33% of ethnically diverse companies are likely to do so. Here’s how to begin implementing strategies for a more diverse workforce.
6. Enterprise Security: Positioning Your Team as a Value Add, Not a Cost Center: Follow these four direct strategies to help you and your security team transition from being seen as a “cost center” to becoming a value-add to the organization’s bottom line.
7. Cyber-Physical Security in an Interconnected World: Recognizing 2021’s National Critical Infrastructure Security and Resilience Month, Security partnered with stakeholders from the public and private sectors to share best practices to prevent and mitigate the consequences of a major security attack on the nation’s critical infrastructure. Here, David Mussington, Executive Assistant Director for ISD at CISA, explores how to strengthen the security of our global digital infrastructure and how CISA is committed to collaborating with partners in the private sector to unify our collective defense. View the special report here.
8. The First 90 Days of a Chief Security Officer: New Chief Security Officers who approach the role with a strong focus on understanding organizational culture for the first 90 days are likely to enjoy success. Here, CSOs provide advice on how to start off on the right foot.
9. The 2021 Top Cybersecurity Leaders: This year, Security was honored to partner with (ISC)², the world’s leading cybersecurity professional organization, to find enterprise information security executives who are changing the cybersecurity landscape for the better. We selected 12 cybersecurity leaders and highlighted their backgrounds, accomplishments, how they have built up security programs, and more.
10. Recognize. Respond. Survive. A New Approach to Workplace Violence Prevention: With all the stress and division in our country currently, there has never been a better time to evaluate your organization’s readiness. Does your current training prepare every employee to recognize early warning signs so you can prevent future attacks; are the response options proven; and have you taken reasonable steps to increase the survival odds for each employee?
11. Operational Resilience in a Hyperconnected World: Operational resilience is the new imperative for sustaining business operations. Listen to Microsoft’s Edna Conway, Chief Security and Risk Officer of Azure, who provide a real-world, tangible approach to address security and resilience to support you in your journey to operational resilience.
12. Centralized Supply Chain Security Programs Yield Efficiency: Finding efficiencies in supply chain security is as simple as enveloping more of your supply chain. Kirsten Provence has led Boeing’s supply chain security program for nearly a decade; here, she explains what has propelled efficiency gains by scaling the program using subsidiaries.
13. Top De-escalation Strategies and Training for Security Leaders: De-escalation is key to frontline security in a range of situations, from hospitals to retail settings to office environments. Many sectors, such as travel and airlines, healthcare facilities, retail, and more, have seen an increase in agitated behavior in recent years, some spawned from tensions rising regarding mask mandates and COVID-19 protocols. Here, we take a look at de-escalation strategies and training that security leaders can implement within their organizations to keep security, staff, and visitors safe.
14. Hiring for Personality: When it comes to completing your security team, hiring the right employees will lead you, your team, and your organization to greater success, but finding, recruiting, and retaining top security talent may be easier said than done.