June 28, 2016 7:00:00 AM EDT  |  Security

Security Master Plans

Information Security Card Handmade from Paper Characters on Blue Background. 3D Render. Business Concept.When developing a master plan, security managers should consider strategic objectives that have proved to be effective in the past:

1. Prevent and mitigate disruptive events through increased domain awareness. 

The ability to recognize and then mitigate emerging threats, both natural and man-made, can be enhanced through a variety of initiatives. Surveillance systems, credentialing programs, access control technology, and decision support tools can significantly enhance risk management functions.

2. Develop and sustain a culture of security and preparedness. 

Making certain that a security strategy includes clear, unambiguous guiding principles and objectives will contribute significantly towards cultivating a security culture.

In order to focus resources on the most relevant security challenges, managers must guide their enterprises away from the notion that security spending is only an expense to be minimized. To develop a culture of security, master plans should support security initiatives as an investment, not an expense.

3. Leverage technology to enhance and optimize security posture. 

Positioning a business to take advantage of all available technology resources, including emergent breakthrough solutions, provides security managers with open access to critical resources that can have a force multiplier effect.

4. Protect lives, critical infrastructure, and key resources through training and exercises. 

Training and exercise programs continue to provide a good return with regard to risk mitigation. Developing a standard training program, based on security best practices, is key to optimizing security posture and increasing security awareness.

5. Enhance the ability to respond to and recover from a security incident. 

Risk cannot be eliminated, only managed, and no security program is foolproof. Security command and control centers, data management and information sharing capabilities, and technology tools that facilitate decision-making all contribute towards the response and recovery process.

6. Commit to continuous, incremental improvement to meet an adaptive threat. 

Security initiatives should be managed on a continual basis. Security professionals should aggressively pursue investments and initiatives that optimize their security posture, and provide a positive return on investment.

An effective master plan requires that existing security capabilities and resources are directly aligned with strategic objectives. Participation and buy-in from relevant stakeholders is essential.

By focusing on continual, incremental improvement, any firm can develop a solid foundation for responding to security incidents.

About the Author

Leigh Valudes, PMP, LEED AP

Leigh Valudes, PMP, LEED AP

Leigh Valudes leads both the Solutions Division, focusing on our core competencies, and our Non-Federal Portfolio, pursuing commercial and state/local projects. He is also responsible for quality control, branded solutions, and Markon University. During his 19-year consulting experience, Leigh developed expertise in strategic planning, mission analysis, requirements programming, facilities project management, design and construction management, business operations, and strategic marketing. Leigh has supported some of the largest campus programs in the DC metropolitan area including the Intelligence Community Campus in Bethesda, $5.5 billion Pentagon Renovation Program, and $4 billion Department of Homeland Security Headquarters Campus Program. He received a bachelor’s degree from the University of Delaware majoring in both government and history and graduated from American University’s Washington National Semester Program with a focus on national and foreign policy. Leigh holds the Project Management Professional (PMP)® credential and is a LEED Accredited Professional certified by the United States Green Building Council (USGBC).