Security management has evolved since the turn of the 20th century. Today’s security managers must constantly adapt to keep up with a myriad of potential threats. They must be able to identify security vulnerabilities in an organization’s network that could lead to a data breach, as well as facility vulnerabilities that could be exploited by thieves or vandals. These professionals must also develop a plan to protect a company’s employees and assets in the event of a natural disaster, such as a wildfire, tornado or flood.
Aspiring security managers must start by developing the skills and acumen they’ll need to be successful. An advanced degree, such as an online Master of Science in Safety, Security and Emergency Management, can provide graduates with a competitive edge when applying for jobs in this dynamic profession.
What Is Security Management?
Corporate security managers identify and mitigate potential threats to a company. For example, they assess safety and security policies to ensure that an organization’s employees, products, buildings and data are safeguarded. Security managers also make sure an organization fully complies with state and federal regulations, such as the Americans with Disabilities Act, and that safety procedures follow Occupational Safety and Health Administration (OSHA) guidelines. They may also be asked to develop safety manuals and training materials to ensure that current and future staff members are informed of a company’s policies.
Security Management Through Information Security and Audits
Security managers must understand the importance of protecting an organization’s employee and customer data. Data security is an ongoing process that involves a number of tactics, such as penetration testing and vulnerability management.
- Penetration Tests: Penetration tests (also known as pen tests) are designed to identify exploitable vulnerabilities in a company’s computer network. After conducting a pen test, the testers report their findings to the company’s security manager so solutions and patches can be developed.
- Vulnerability Management: Network vulnerabilities allow threats such as spyware and malware to gain entry into a company’s network. The more applications a company deploys, the more vulnerabilities it creates for itself. Security management professionals must identify a company’s primary threat vectors so that they can be addressed.
- Endpoint Security: Endpoint security involves protecting an organization’s computer network by protecting the remote devices that are bridged to it, such as laptops, smartphones and tablets. Security managers must help an organization understand the need to engineer proper security for wireless technologies.
- Phishing and Identity Theft: Phishing is a tactic used by criminals to steal someone’s identity. The most common phishing campaigns involve convincing fraudulent emails in which the sender purports to be a legitimate company. For example, the criminal might send out an email that purportedly comes from a certain bank to tell the target that their account has been hacked or disabled. The only way for the recipient to fix the problem, the email states, is to click on a link and log in to their account. This allows the criminal to verify the target’s security details, which helps them steal the target’s identity. Security managers must remain up to date on the latest phishing ploys so company employees can remain informed about the latest threats.
Security Management Principles
Security management principles aren’t just about protecting a company’s network and data. They’re also about developing plans to ensure an organization and its core operations will not be impacted in the event of a disaster. For example, natural disasters such as floods and hurricanes can cause severe damage to a building’s infrastructure. The possibility of human error must also be accounted for, as evidenced by the mistake made by a utility company worker that caused an hours-long blackout in cities throughout the Pacific Southwest in 2011.
To mitigate risks to business continuity, security managers must develop plans to minimize an organization’s downtime in the event of a wildfire, flood, tornado, hurricane or other unplanned incidents that could knock systems offline. For example, they work with the IT department to develop plans to counteract natural and manmade disasters, counteract network and connectivity disruptions, and prevent data loss due to system failures.
Security Management Resources
Professionals who want to pursue a career in security management will be well served by completing an advanced education, such as the online Master of Science in Safety, Security and Emergency Management at Eastern Kentucky University.
Eastern Kentucky University’s industry affiliations with organizations such as the OSHA Training Institute, the U.S. Army, the National Fire Academy, the National Incident Management System, and the Loss Prevention Foundation allow students to participate in training-for-credit programs, which help them to boost their professional credentials and complete their degrees sooner.
Graduate surveys found that 96% of EKU master’s in safety graduates were employed, and 64% received a salary increase upon completion of the degree. Furthermore, 91% of respondents reported that earning a master’s in safety degree helped them be more competitive in the job market.
Ensuring an organization’s safety isn’t just about acting in the moment — it’s about preparing for that moment before it happens. Are you ready to take your security management career to the next level? Discover how earning the online Master of Science in Safety, Security and Emergency Management from Eastern Kentucky University can help you prepare you for the job you want.
IFSEC Global, “A Security Management Guide: The Role, Training, Certification, Degrees and Standards”
INAP, “What Is Business Continuity?” LinkedIn, “Security Management, What Is Security Management?”
TrakTik, “5 Key Roles of a Corporate Security Manager”