In response to the growing number of cyber-attacks and data breaches that are increasing the exposure to corporate C-suite and boards of directors, a select group of thirty high-level security executives gathered in Chicago February 26th for networking and sharing strategies to better position themselves in C-level discussions.
The intent of the meeting was to provide a plain-English translation of IT security concepts and actions intended to give the physical security leaders the background to engage in discussions of protecting information and technology with their corporate peers and executives.
“This was a unique gathering of senior security professionals that included the current president of ASIS International and three past presidents,” said Ray O’Hara, executive vice president of AS Solution and one of the past presidents. “It is amazing how much our existing security expertise directly relates to the information security world.”
Dave Tyson, chief information security officer at SC Johnson and the first CISO to lead ASIS as its 2015 president, addressed the attendees. A recognized expert on the topic, Tyson started his career in traditional security practice before earning his MBA in digital technology management. Prior to SC Johnson, he worked for companies such as IBM, eBay, and Pacific Gas and Electric.
Tyson provided the attendees easily understandable explanations of common IT buzzwords to demystify the techno-babble. The goal was to allow security practitioners to understand the challenges and make better business decisions related to:
– Infrastructure
– Applications
– Cloud
– Mobile
– Big data
– Social media
– TOR
– Dark web
Hosted by Keith Blakemore, director of security and loss prevention at WW Grainger, the gathering came about from discussions by Blakemore, O’Hara, and Tyson. A December 27, 2014, Forbes magazine article titled “Why It’s Time for a Board-Level Cybersecurity Committee” by Betsy Atkins, a three-time CEO and a director at Darden, HD Supply, and Schneider Electric, reinforced the need for the meeting.
In the article Atkins writes, “Step one for every board is to understand that it is supposed to be offering oversight on these risks as part of its fiduciary duty. The board needs to assure there are internal controls in place to protect the corporation’s cyber assets. The stakes are high. A study found that up to $21 trillion in global assets could be at risk from cybercrime. What is needed is a solid board structure for monitoring and managing cyber risk in the company. To begin, I recommend is a series of committee briefings so ‘cyber security’ is demystified and better understood.”
The full article is available on forbes.com.