Institutions face risks as part of doing business. There are inherent risks in their operations and in their interactions with customers and partners. Identifying and understanding the relationships between these risks and security solutions is essential to effectively employ security to address these risks. Business security patterns establish a powerful methodology to identify and understand these relationships to help maximize the value of security investment. This paper presents an introduction to business security patterns. It is intended for use by the Chief Information Officer, Chief Security Officer, as well as by any individual or organization within an institution that is responsible for information technology and security.