The "Business Continuity" playbook provides the background and tools to create, manage, and execute all facets of an organization s business continuity program (BCP). Business continuity planning is an activity performed daily by organizations of all types and sizes to ensure that critical business functions are available before, during, and after a crisis.

This playbook guides the security leader through the development, implementation, and maintenance of a successful BCP. The text begins with a detailed description of the concept and value of business continuity planning, transitioning into a step-by-step guide to building or enhancing a BCP. Its 14 appendices, which include sample forms, templates, and definitions, make it an invaluable resource for business continuity planning.

The"Business Continuity" playbookis a part of Elsevier s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
Answers the unavoidable question, "What is the "business value" of a business continuity program?"Breaks down a business continuity program into four major elements for better understanding and easier implementationIncludes 14 appendices that provide sample forms, templates, and definitions for immediate adaptation in any business setting"

The "International Security Programs BenchmarkReport"presents and analyzes the findings of a broad survey conducted by the Security Executive Council of corporate international security programs. The report identifies the types of international security baseline programs in place for a range of company sizes, and describes the organizational perception of security s role and capability. The data suggest that international security programs are greatly affected by the company size and the location of the security department within the organization, whether as part of the executive, legal, or human resources function.

Security leaders can gain valuable insights from this report regarding the scope of international security programs at key corporations with contextualized comparison points for evaluating their own programs.

The "International Security Programs BenchmarkReport"is a part of Elsevier s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
Summarizes the key points of a broad survey on international security programs conducted by the Security Executive CouncilBreaks down survey responses by company size and functional location of security within the organizationProvides insight into other organizations existing international security programs and services "

This research report presents the findings of a broad survey of corporate security programs conducted by the Security Executive Council s Security Leadership Research Institute (SLRI). The researchers' objective was to benchmark the state of the security industry in terms of organizational structure, budget, staff resources, board-level risk concerns, program drivers, and services provided. The level of responsibility each respondent reported for a list of 30 security programs or services is also compared across several organizational categories.

This report can be used by security professionals for introspective analysis of the security team within their organizations, external review of the ways in which other organizations approach risk management, internal justification of security budgets and initiatives, and for performance metrics.

"Corporate Security Organizational Structure, Cost of Services and Staffing Benchmark"is a part of Elsevier s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
Summarizes the key findings of a large survey on security programs conducted by the Security Executive Council s Security Leadership Research Institute (SLRI)Breaks down survey responses by organization size, scope of responsibility, industry, and more in easy-to-read charts and tablesProvides invaluable insight into other organizations existing security programs and services"

This trend report provides security executives and practitioners with an overview of the benefits of using web-based applications and tools in the workplace and their security risks. Web-based applications are being used by businesses more and more each year for purposes of improved communication with employees and customers, group collaboration, and marketing and publicity outreach. The benefits of web-based applications for business are many, but so too are the risks associated with them. Data leakage, information manipulation, malware, and authentication security are just a few of the cyber threats discussed in this report.

It is critical to weigh the pros and cons of implementing a web-based application in the workplace and plan accordingly to mitigate risk. This report is a valuable resource for any security professional who is considering the adoption of a web-based application for corporate use.

"TheBenefits and Security Risks ofWeb-Based Applications for Business"is a part of Elsevier s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
Provides security executives and practitioners with an overview of how companies have begun to adopt web-based applications and tools for employee useDescribes the benefits of web-based applications and warns of the potential risks associated with their use in the workplaceIncludes practical recommendations to mitigate the risks of web-based applications"

"Nine Practices of the Successful Security Leader" lays out a series of best practices for security managers. Collected from interviews with security leaders at public and private sector organizations, ranging from small- and mid-size all the way up to large international entities, these practices are a sampling of what is vital and what works. Recommendations such as close communication with management, alignment of security agendas with business goals, and creating internal awareness programs are just some of the effective initiatives detailed in the report. With this information, security professionals can gain insight into the practices of their peers, measure their own success, and mentor junior colleagues.

"Nine Practices of the Successful Security Leader" is a part of Elsevier s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
Based on extensive interviews performed by the Security Executive Council with today s top security leadersSummarizes the insights taken from these interviews into nine practical ideasProvides actionable advice and strategies for earning the respect and trust of senior management and colleagues"

"Crisis Management at the Speed of the Internet" provides security executives and practitioners with an overview of the potentially harmful impact of social media communication on corporate reputation. Within minutes, the online consumer community can propel a company into an image crisis, brand damage, and a financial disaster-even if the viral information isn t factual. It is critical that an organization respond quickly and decisively to crises in online media.

The report explores examples of companies that have experienced this kind of impact, and describes practical, strategic methods for mitigating and resolving a crisis, including cross-functional team readiness and internal communications training. It is a valuable resource for any security professional working to create or improve an existing corporate crisis management policy.

"Crisis Management at the Speed of the Internet "is a part of Elsevier s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
Provides security executives and practitioners with an overview of the potentially harmful impact of social media communication on corporate reputationCites examples of companies that have experienced this kind of threat and describes the successes or failures of their responsesDescribes practical, strategic methods for mitigating and resolving a crisis"