An Interview with William Plante: Disrupting Security

William Plante, Senior Principal in the Enterprise Security Risk Group (eSRG), moderated a panel on the “Uberization” of Security at the Great Conversation in Seattle. No, we are not talking about a mobile app to run everything. We are talking about the increasing dilution of the security executive’s impact on the organization’s value because of the hidden costs of the security infrastructure including the shortage of subject matter expertise to run it. It is a sign that you are about to get disrupted when you are not attentive to the customer experience which includes the value proposition of time, money and value. Let’s learn more about William.

What is your background?

I was a CSO at Symantec. I was also Director of Enterprise Resiliency at Intuit. I ran a boutique security consultancy for programs and systems. And I have been a security practitioner for 39 years.

As a Risk, Resilience and Security leader, why is it important to have a great conversation with the security ecosystem?

The security ecosystem is rich with knowledge, experience, and perspective. Any security practitioner looking for guidance and advice can turn to all segements of the security industry – manufacturers, consultants, integrators, distribution, publishers, and other endusers – to gain a full perspective of issues and trends within the industry and that impact our world.

What are the key learnings you have experienced in past conversations?

I am impressed with the level of leadership sophistication and practical advice that we get from our conversations. We are an industry with some very smart people, both as practitioners and as business managers. Provocative, and sometimes contentious conversations, bring better meaning and understanding regarding issues and problems that we (as a collective of practitioners) can solve.

Describe the objective of your panel?

The IT world continues to impact how we manage and operate our systems. And the enterprise continues to demand the best bang for the buck challenging security leaders to remain focused on core competency and bring best value to the table. This conversation is focused on understanding how that is translating as an outcome in security departments and within the market. As leaders contine to grasp the true total cost of security while simultaneously adapting to new business and operating challenges, they are now pushing the “standard” paradigm of hosting and managing systems. The outsource model of consumption-based (or “pay-per-sip”) managed security services is becoming financially and technically viable. This panel explores this new paradigm.

Why is this important to the conversation?

Our Conversations often concern themselves with identifying significant trends and interpreting their impact. Providing a Managed Security Service isn’t a new idea within the IT and business community, and it isn’t new to corporate security either. With new advances in Cloud infrastructure and deployment, coupled with businesses that focus on providing core services and adding best value, the time to reexamine 3rd party hosted infrastructure and services is now. This trend will gain more momentum in the next several years and should be understood by every organization concerned with providing the best programs for the best value.

Based on the agenda, what do you hope to learn this year?

I am keen to learn how Scott Klososky is going to address the Integrated Security Model. Security is a very dynamic program, and I do think there’s a continual disruption in our space. I’m keen to hear what he has to say. The smart building discussion is also an especially interesting topic and I’d like to learn what others are thing about in terms of challenges and opportunities to integrate smart buildings into security system services.