Corporate Security Organizational Structure, Cost of Services and Staffing Benchmark

Bob Hayes has more than 25 years of experience developing security programs and providing security services for corporations, including eight years as the CSO at Georgia Pacific and nine years as security operations manager at 3M. His security experience spans the manufacturing, distribution, research and development, and consumer products industries as well as national critical infrastructure organizations. Additionally, he has more than 10 years of successful law enforcement and training experience in Florida and Michigan. Bob is a recognized innovator in the security field and was named as one of the “25 Most Influential People in the Security Industry” in 2007 by Security magazine. He is a frequent speaker at key industry events. He is a leading expert on security issues and has been quoted by such major media outlets as the Wall Street Journal and Forbes. Bob is currently the managing director of the Security Executive Council. Greg Kane has held a director role for the Security Executive Council since 2006. In this role he is responsible for mitigating risk as it applies to IT systems and the extensive intellectual property assets contained within. He has been responsible for disaster recovery and business continuity for various organizations for over 20 years. His work experience also includes analysis of security-related regulations, standards, and guidelines in order to encourage efficient and value-added compliance management. Greg leverages his strong skills in research and analysis to write a monthly security newsletter published to an audience of over 10,000 security practitioners. Before joining the Security Executive Council, Greg provided services to multiple businesses from retail to high tech manufacturing. This included more than 10 successful years with a leading international business consulting services provider. Greg's educational background includes an MS degree in computer science and an MBA. Kathleen Kotwica has a PhD in experimental psychology from DePaul University and has had a career as a researcher and knowledge strategist. Her experience includes positions as information architecture consultant at a New England consulting firm, director of online research at CXO Media (IDG), and research associate at Children's Hospital in Boston. She has authored and edited security industry trade and business articles and has spoken at security-related conferences including CSO Perspectives, SecureWorld Expo, ASIS, and CSCMP. In her current role as EVP and chief knowledge strategist at the Security Executive Council she leads the development and production of Council tools, solutions, and publications. She additionally conducts industry research and analysis to improve security and risk management practices.

Executive Summary

Section I: Organizational Demographics

Section II: Respondent Demographics

Section III: Security Budget

Section IV: Security Employees

Section V: Board-Level Risk Category Breakdown

Section VI: Program Drivers

Section VII: Security Program Governance

Section VIII: Risk Oversight

Section IX: Security Programs