Why Do We Need a Great Conversation in Security?

It was about a year after 9/11 and I was painfully concerned about our industry. Our executive client, the CSO, was still contracting with integrators as if they were just another construction-based contractor. They were purchasing, installing and maintaining IP-based solutions as if they were locks on doors, with an expectation that they could buy and forget. And most of us in my peer group where whining about the perception that we were only good for installation; that we had no business in claiming we could be true advisors to the business.

So, I took a long hard look in the mirror and decided to take personal responsibility for our position. But there really was no place to turn. It seemed our entire risk, resilience and security ecosystem was stuck.

We had a big idea at the time, but did not know how to fund it. We were a very small company in 2002. The big idea was to begin to identify and track the thought leaders who were thinking about risk and resilience in innovative new ways. Then we needed to find the early adopters, those CSOs who were piloting or embracing new models of managing their business and leading their teams. And finally, we needed to find technology thought leaders who deeply desired to talk about new breakthroughs that could optimize or completely revolutionize how CSOs managed their programs.

And, since we were trying to change the perception that we could not be independent advisors to the CSO because we sold technology solutions, we had to adopt a rigorous benchmarking process to understand the true capabilities of any technology and, more importantly, what problem it solved and what market was most likely to have that problem. That way we could look a CSO in the eye and tell them how we tested and piloted various technology platforms and how it would drive value and return over time. We could also begin to develop a technology roadmap that integrated their internal IT standards with an intentional strategy for evolving their security technology architecture over time.

It was time to create a Great Conversation around these issues and opportunities, collect the leaders together in a leadership program, and challenge them. We decided to be evangelists for this by investing as a host and creating a guiding coalition of leaders in every part of the security ecosystem to invest as well.

Fifteen years later we will host The Great Conversation in Security in Seattle, Washington, on March 6 and 7 on the Seattle waterfront. As always, the attendees and speakers come from all over the world prepared for a lively and informative exchange among peers. Security Magazine was one of the first media sponsors to recognize the value of the forum, and I am honored to have them with us this year.

We have the following tracks that The Sage Group, the producer of the forum, uses to research the trends and identify the right speakers:

Enterprise Security Risk Management (ESRM)
Intelligence
Leadership: Strategy, Innovation and Change
Organizational Strength
Technology

CSOs including Mike Mason from Verizon, Mike Howard from Microsoft and Ed Bacco, former head of security for Amazon, have been key contributors and will be in the conversation again this year. We will publish the findings in the April issue of Security magazine.

Phil Aronson is the second generation owner of Aronson Security Group (ASG) a provider of risk, resilience and security solutions within the emerging Security Risk Management Services (SRMS) industry. Aronson is heavily invested in a legacy of value for the industry by hosting an executive leadership forum called The Great Conversation, by participating in the International Security Management Association (ISMA) and by leading his company to the next generation of security services.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.