By Jeffrey A. Slotnick, CPP, PSP
2012, was the second year for the Great Conversation. Building upon the successes of the 2011 Great Conversation, 2012 attracted attention and interest from key executives of leading northwest companies. Many attendees felt the shared business intelligence was valuable in helping security executives create a roadmap for the future of their enterprises.
The knowledge shared at the 2012 Summit came from thought leaders on the main stage, the Subject Matter Experts (SME) in panel discussions and solutions showcased from technology vendors in Breakout Sessions. Further, security thought leaders shared their insights on emerging trends, technology benchmarks and security solutions. Through the presentations and peer to peer networking participating leaders discussed how those solutions could improve corporate strategic value and support their organizational roadmaps.
One of the keynote speakers was Mike Howard, CSO of Microsoft and he was quoted as saying
“Your IT department is moving its services to the cloud. Microsoft (like Amazon and Google and others) is committed to the cloud. So, if you’re not already thinking about how your security department can use the cloud, you need to start.”
Mike Howard was right! Today in 2017 I think about how reliant we are on private, public, and community clouds for enterprise security and the achievement of daily business objectives. Two years ago my business made the move to Office 365, today we are using Office 365 Enterprise for our daily work as well as critical information management solutions for Enterprise Security Risk Assessments and immediately sharing critical information. Additionally, there are the many cloud solutions for critical communication, video storage, central monitoring, and seamless integration of multiple physical security devices. Moreover, in 2012 we were speaking about eliminating silos of information and how silos create inefficiencies.
The above topics laid the ground work for the practice of Enterprise Security Risk Management (ESRM).
“Risk management is the process for identifying, analyzing, and communicating risk and accepting, avoiding, transferring, or controlling it to an acceptable level considering associated costs and benefits of any actions taken.” - DHS Risk Lexicon, 2010 Edition.
"Enterprise Security Risk Management covers not only traditional security issues such as loss prevention and terrorism, but also a broad array of topics including brand protection, business continuity, corporate espionage, cybersecurity, information security, resilience, and white collar crime.” - ASIS International 2016 ESRM as a Global Strategic Priority.
So on March 6th and 7th will you be looking out the front window to your futureor in the rear view mirror since you missed a “great conversation” with your peers.