Preparedness in the Private Sector - 2010
Daniel Sandy Bayer
This report is the latest edition of The Conference Board series of surveys on business preparedness, updating and expanding prior surveys from 2007 and 2009. In 2010 a component to measure integration of the security function with enterprise risk management was added.
Although physical security, IT security, and business continuity are all part of a company’s security profile, few companies have integrated all three into the security function. In addition, enterprise risk management (ERM) was not involved with security at many firms. This report highlights the relationship between ERM and security, the importance of incorporating rare but catastrophic events in security planning, the difficulty of securing funding for the purpose of prevention, and the need to examine the security function of offshore third parties.