The Great Conversation

View Original

The Frameworks We Use to Define Security May Hold Us Back

There are recurring questions that risk, resilience, security, and business leaders have been asking themselves for years. They are common themes we hear at the seminars and conferences alike. Questions like:

  • Is security mission critical to the execution of the business?

  • If so, how is this evidenced in the strategic planning and execution of the executive management team (EMT)? (examples include the CFO, CIO, CISO, CLO, HR, and CSO)

  • Is it important for security to be the responsibility of multiple people in an organization, including those outside of the security discipline?

  • Who are the core members of the EMT that security relies upon?

  • Does security drive business continuity and reputation strategies or is it a supporting function?

  • How can security professionals best gain budget and buy-in for corporate security in their organizations?

  • Is security seen as a cost center? If so, how do you prove its value?

  • How does current technology support cross functional collaboration, communication, and the measures of value that support its strategic role of helping navigate risk and opportunity for the members of the executive management team?

I will be providing some of the answers I received from a recent polling of the Great Conversation community. I also want to share this recent conversation I had with the Founder and CEO of Concentric Security, Mark Oakes. He takes a multi-disciplinary, creative look at industrial security, some of the stories security practitioners have been telling themselves for years as well as some new, useful mental models we can use to improve our thinking processes.

This is a fascinating and great conversation around how we see, know, and act as both security professionals, as human beingsā€¦ and as leaders. These insights can positively impact the stories we tell ourselves in the future.

See this content in the original post