Reflections on the 2018 Great Conversation from a Risk Consultant

IMG_0049.jpeg

The Great Conversation in Security 2018 was held in Seattle this past week and was a great success.  That the sponsors were able to arrange for some clear weather that highlighted spectacular views around Seattle was pretty great, too.

The 2-day conference kicked off on Monday and the topics started flowing immediately:

•    The Value of Security
•    Security Culture
•    The Mandate for IT
•    The end of ‘Silos of Excellence’
•    Intelligent Communications
•    Building Business Intelligence
•    Deep learning, AI and IA
•    Insider Threat Management
•    Realtime Threat Response
•    Who is on our campuses
•    Risk Planning and Resilience 

These sessions were facilitated by individual speakers or panelists that have demonstrated success through their own programs and initiatives.  The learnings that were transferred between presenters and attendees will be able to be immediately applied within numerous individual organizations.  Here are some of the Memorable Moments:
•    Focus on near time.
•    Employ strategic workforce planning.
•    Don’t forget your blind spot.
•    Build Security into a brand.
•    Failure defeats losers; Failure inspires winners.
•    There is no such thing as a smash-and-grab in cyber security.
•    Compliant does not equal secure.
•    Culture eats strategy.
•    Technology in and of itself does not solve problems.
•    We have a fiduciary duty to swiftly and safely coordinate the response to a verifiable threat.
•    If you try to secure everything, you won’t secure anything - planning is critical.

One would be remiss to forget two keynotes that were provided during the conference.  The first was during the Presidents Dinner on Monday night, with David McGowan, from Tiffany & Co., providing a thoughtful and moving talk on Leadership.  This was highlighted by a tie-in to Rachel’s Challenge.

The second keynote was given by Kristina Anderson, a survivor of the Virginia Tech shooting.  Again, the talk was thoughtful and moving and painted a very real picture of the job that Security is tasked with - protecting, first and foremost and even at the expense of property or possessions, the lives of people in the form of employees, visitors, contractors, students, patients, plaintiffs, defendants and on across the spectrum of those that come into our individual spheres of responsibility.

The Great Conversation in Security 2018, the conference, has come and gone, but The Great Conversation in Security must continue in our individual, corporate, industry and global efforts as we work to keep people, things and places safe.  The scope of the conversation is both wide and deep, including the tearing down of silos of people, process and technology; enormous increases in the number of networked devices and the subsequent need for intelligent agents to transform raw data into meaningful information; and, the necessity for Security to champion a fundamental shift by being the subject matter experts that work to enable the enterprise to manage security risk.

Parting Words
What would Security look like, if we could make Security look like anything we wanted it to?  If we can truly ponder this question without putting any constraints on ourselves, we might find just how transformative Security can be.  That will require a lot of great conversation, both inside and outside of Security.

Editor's Note: We historically choose to summarize The Great Conversation the week after the forum. However, we thought we would choose an attendee to have a voice and weigh in on their experience. We chose a Risk Consultant and first time attendee, Kent Howard with Integrum Security Risk Management. He can be reached at kent.howard@integrum-srm.com