Using Security as a Strategic Growth Driver for Business

Written By: James Hart

For a growing number of companies, security has become more than a line item in the budget. It’s evolving into a driver of strategic business growth. 

A consistent focus on security – ideally overseen by a Chief Security Officer (CSO) or similar role — allows these firms to enhance their operations while preventing expensive, time-consuming accidents and emergencies. 

“It’s a more forward-thinking approach,” said Brent Brown, founder and executive chairman of Chesley Brown International, the security consulting and management firm. 

“It’s looking ahead to see what obstacles you might encounter, so you can try to mitigate those risks. You can focus on your business and grow it while your CSO concentrates on risk mitigation.” 

Those risks can come in multiple forms depending on the nature of the business:

• The operators of office complexes and shopping centers must provide excellent security for tenants and their visitors. In some cases, high-touch security could serve as a featured amenity that allows facility operators to outperform competing properties. 
• Food manufacturers have to maintain outstanding security around their facilities in order to protect the quality and safety of their products – and ultimately, their brands. 
• For technology firms, biopharmaceuticals and other companies with valuable intellectual property, guarding those assets could be essential for the future of the firm. 

In each case, security can help advance the strategic goals of the organization and meaningfully contribute to key business outcomes. 

If your company is considering a higher-level investment in security, here are a few useful points to keep in mind, Brown said. 

The 3 Essential Foundations of a Security Strategy 

While each company will handle security differently, there are three elements that every organization will need to function optimally. 

1. Operating Procedures

Companies should have written policies and procedures that outline how the organization addresses security day in and day out. If there is a dedicated security team, this is their daily “operating system.” These are sometimes called post orders. 

They create a system for providing the required level of service and identifying many problems early. This allows the security team to prevent the manageable from becoming unmanageable.  

2. Contingency Plans

Organizations also need a set of contingency plans that detail how they will respond to natural disasters, security incidents and other emergencies. When the worst happens, team members don’t have to spend time figuring out their next steps and hunting down resources. They just need to turn to open up the appropriate contingency plan.

“That’s going to make a huge difference in how quickly your company can recover from an emergency,” Brown said.

However, it’s not enough to write contingency plans, Brown said. These need to be “living documents” that are regularly updated, especially as part of post-incident response. That way, the organization can learn from each emergency and finetune their plans for the future.

3. Security Leadership

And finally, organizations need to designate a single leader to focus on security strategy. Ideally, this person will be a member of senior leadership, such as a CSO, who focuses solely or primarily on security. This role manages the organization’s security but, more importantly, is taking responsibility for taking a broader view of threats and finding solutions.

That can mean applying professional research and analysis to the organization’s security needs. Some CSOs will use industry data, crime stats, open source intelligence and other information sources to get a clearer picture of what the company could be facing. They may identify concerns that might otherwise be overlooked, such as organizing protection for the CEO or other key personnel while traveling. 

The CSO can also consult on projects that don’t immediately seem to have a security component, such as acquisitions or real estate purchases. That person might identify risks with those deals early, giving the company important insight into potential problems. 

This style of big-picture thinking distinguishes standard security from a security effort that can help support a company’s growth. 

“It is getting more complicated, complex and sophisticated in today’s world,” Brown said. “Because it’s no longer putting locks on your door and lights outside to keep people away at night.”

What Can Stand in the Way of a Robust Security Strategy

Companies should also be aware of common obstacles that can hinder a more serious, strategic focus on security. 

A lack of resources is one of the most common. It takes money and time to develop and maintain a security strategy. If the organization doesn’t have a firm commitment to this approach, it can be very tempting to trim security first during downturns. 

“If you don’t understand the value of security, if you don’t understand how it can better your company, then you’re going to view it as just another budget item that can be cut,” Brown said.

Fortunately, there are options for accessing the expertise of a professional CSO even if the business may not have the resources to hire someone for a full-time role. 

Chesley Brown offers a “fractional CSO” service that can lead the security strategy, provide oversight and take responsibility for planning. They might not work a full 40 hours per week, but they are highly engaged and readily available. 

This approach may work particularly well for midsize or smaller firms that want to take the next step with their security planning but can’t support a full-time CSO yet.  

In addition to providing the necessary resources, companies should ensure that security has a voice in the larger organization. The decision-making process should actively seek out their input for consideration. 

That’s easier if the security role is a more senior leader, like a CSO or a fractional CSO. When that responsibility lies with a low-level VP or department head, Brown said, they may not be included in the right meetings.  

Getting Started with Security as a Growth Driver

Having a security strategy can unlock multiple benefits for an organization. It can help companies prevent emergencies or recover more quickly when they occur, reducing the cost of downtime. 

Moreover, companies with exceptional security – the ones that earn a reputation for doing it well – could leverage that as a selling point for customers who need vendors they can trust. Technology companies in particular live and die by the strength of their security.  

And frankly, putting a dedicated security leader in place will make life easier for the rest of the leadership. They don’t have to manage security while juggling all of their other duties. 

“You’re going to get a few more hours of sleep because you can focus on the overall strategy for the business,” Brown said. “Frankly, most people that are senior leaders in a business, or even mid-level management, don’t really have time to think about security.”

As a longtime security consulting firm with expertise in multiple industries, Chesley Brown is uniquely qualified to help firms implement a security program that impacts their bottom line, whether they need help with security reviews, the services of fractional CSO or access to security intelligence. To learn more, schedule a consultation today.