Q. I have read the Council’s series of articles in the Knowledge Corner on the Next Generation Security Leader. The article about acquiring security training and knowledge, including academic degrees, prompted a question in my mind. I understand that experience in core programs is essential; however, I was wondering if you could give some insight into how higher education is addressing the needs of next generation security leaders.
A. There are a number of institutions of higher learning that offer undergraduate, graduate, and certificate programs in “Security Management.” Unfortunately, the current curricula in these programs tend to focus on traditional issues including: personnel management, loss prevention methodology, investigations, legal aspects and liability, IT security, emergency management and terrorism. While all of these topics are important, they don’t adequately address the breadth of business competence that will be the hallmark of the next generation security leader. As recent surveys have shown, those selected for high profile security positions are increasingly coming from business backgrounds. This is in large part because CEOs, CFOs, and Boards of Directors want individuals in those positions who understand the company’s business objectives and can make risk management decisions within that context.
One of the most effective ways to protect and preserve a company’s business and reputation is to prevent bad business decisions. A security professional can add value to that process by understanding and being able to provide risk related input on issues such as product development, marketing, business development, advertising, regulation and compliance, and emerging markets. However, to be regarded as credible, the security leader must be viewed as a business professional whose risk management recommendations and actions are based on sound business judgment.
What is the role of institutions of higher learning in helping to educate future security professionals? The challenge is to evolve programs to support the changing requirements of security leadership. This means developing degree and certificate programs that include multidisciplinary content drawn from business, IT and criminal justice programs. For working professionals, this also means programs that are offered mostly or completely online. I am aware of one university that is considering such a multidisciplinary program, but it is still at least a year from being launched. Hopefully, other institutions are looking at similar programs. For now, students will have to choose elective courses within existing programs that give them the knowledge foundation they will need to be successful.
Editor’s note: See the Council’s guide: Security Training Resources, for some education and training options
Answer provided by Dan Rattner, Security Executive Council Emeritus Faculty.