Securing a Seat at the C-Suite in 2016: A Security 500 West Overview

Robert Jones, Deputy Assistant Director for Counterintelligence at the FBI, spoke about corporate espionage risks and public-private partnerships to a packed house at this year's Security 500 West, sponsored by G4S.

May 26, 2016

No Comments

More than 60 enterprise security leaders attended this year’s Security 500 West conference in Los Gatos, California, on May 17, and they participated in high-level panels and conversations about how CSOs and security directors could make a bigger impact on the organization without squashing innovation or compromising the enterprise’s culture – an understandably hot topic in Silicon Valley.

Sponsored exclusively by G4S and moderated by Lynn Mattice of Mattice Associates, this year’s conference kicked off with a keynote address from Robert Jones, Deputy Assistant Director for Counterintelligence at the FBI, about corporate espionage on U.S. companies. He recommended that enterprises educate their employees on the methods of targeting and theft, as corporate espionage involves much more than dumpster diving for discarded files now. Around 50 percent of espionage cases have insider help, he says, whether it’s intentional or not.

The keynote was followed by several panel discussions, including Q&A sessions with the audience. The “Securing High Tech Companies without Squashing Innovation” panel included security leaders from Twitter, Square and Citrix. Many Silicon Valley companies are run by very young CEOs and staffed by recent college graduates, says Michael John, Director of Global Security and Safety for Citrix, so his team is focusing more on “holistic employee care” instead of being the “corporate cops.” This means educating new college graduates about safety and risk in general, helping to create a safe workplace and a safe work environment, both on campus and off.

John added: “You build (successful security) programs based on trust, not paranoia.”

Next, panelists from Principal, Boeing and Microsoft discussed how they design, build and use global security operations centers (GSOCs) in their enterprises. One of the main challenges was how to choose new technology to integrate into the GSOC that will scale to an enterprise level and continue to provide value for a longer period of time. Another challenge was how to show the GSOC’s value. According to Sandy Cowie, Director of Global Security and Business Continuity for Principal, she tries to demonstrate the impact of the GSOC’s actions – how it is helping employees live their best lives.

The final panel of the day centered on building security’s brand, and panelists’ experiences ranged from Marty Lev at Snapchat building a new security program for a massive app to tweaking or inheriting an existing security program, such as with Tom Mahlik of MITRE. This panel also covered adjusting your personal security focus during a job change. Jana Monroe, now VP or Global Security and Safety for Herbalife, had to shift her approach to security from the strict, straightforward mission at her former position at Southern California Edison to a softer approach, with monthly and daily reminders of security facts and missions: “Security and Safety is Everyone’s Responsibility” is her department’s motto.

Mahlik, Director of Global Security for MITRE, says that instead of the old-fashioned security mindset of “guns, guards, gates and geeks,” the galvanizing theme for MITRE’s security is “P2I: Protecting, Partnering, Informing.” For Lev at Snapchat, he adds: “Know your product, know your brand… No one started a company to be secure – security happens along the way.”

If you’re interested in participating in the next round of high-level security leadership discussions and networking, registration is now open for the Security 500 Conference in Washington, DC, on November 14, 2016. Apply to attend at Security500.com

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 November

This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight how to plan, prepare for and build resilience to protests and other unplanned events, video surveillance tools for SMBs and more.

View More Create Account

Securing a Seat at the C-Suite in 2016: A Security 500 West Overview

Related Articles

Related Products

Report Abusive Comment