Meeting Between U.S. Chamber of Commerce, National Security Task Force Held at ASIS International
September 29, 2014
Governor Tom Ridge, Chairman of the U.S. Chamber of Commerce National Security Task Force, led a dynamic and interactive discussion with a panel of senior security executives from some of the world’s largest organizations at the ASIS International 60th Annual Seminar and Exhibits (ASIS 2014). The discussion looked at the threats facing multinational organizations, from cyber attacks to supply chain risks. This session, was held at the Georgia World Congress Center in Atlanta, Ga. on Monday, Sept. 29.
Each year, Security magazine honors top security executives who positively impact the security industry, their organization, their colleagues and their peers.
This year’s Most Influential is organized by five categories: Corporate Security Practitioners, Public Sector Security, University/Think Tanks, Cybersecurity and State/Local Government Security.
Protecting and supporting stakeholders on a global scale through investments in security operations centers (SOCs), intelligence services and travel support companies has become a best practice for leading security programs.
Some businesses, such as airlines, have either suspended service or increased passenger screening in the area. British Airways suspended service to both Liberia and Sierra Leone. Air France and Brussels Airlines increased screening procedures and warned that service could be cut at any time.
More than half of Chief Executive Officers will have a senior digital leader role in their staff by the end of 2015. However, the duties of a Digital Risk Officer would be very different than a chief information security officer (CISO).
The key to the risk-based security program is that no matter what issue you examine, every one of them affects the reputation of the enterprise in one manner or another.
Once the risk matrix has been populated, management must then prioritize the risks and determine which are the most critical to the viability, survivability and resilience of the enterprise. When that prioritization has been completed, various functions within the organization can be tasked to design the appropriate solution for the risk involved.
The Security 500 Benchmark Program is your tool to enter your security-related data and receive a confidential and free benchmarking report.
July 1, 2014
New this year is that all participating enterprises have the option to be included in the Security 500 rankings numerically or to be listed alphabetically. We have made this change to allow those concerned with numerical rankings to be included and recognized among the best security leaders in the world.
We share threat information throughout all areas of the organization, we coordinate response events, mitigating controls and we also report to our executive staff and regulatory group on incidents and events. My organization was formed to reduce reputational, financial, operational, and compliance related risks.”
The next national security crisis may be a lack of ability to mitigate or respond to such an attack because frankly, there’s no one available to mitigate the attack or respond to it.
The battle means that companies might be in danger of losing simply because they lack the manpower to deal with it. The battle means that companies looking for more security staff aren’t going to find them – they’re going to have to create them.
The latest buzzword these days is “Resiliency,” which for all intents and purposes is really nothing more than a new term for business continuity planning (BCP) in the private sector and continuity of operations planning (COP) in the public sector.
Probably the most important first step an organization should take in developing their BCP/COP program is to conduct an inventory of all of the enterprise’s processes, assets and resources (PAR). No one has the time or resources to boil the ocean, so once the inventory has been completed, the next step involves prioritizing the PAR list from the most critical to the least important.
How enterprises manage incidents outlines the strength and longevity of the business, and how they report vulnerabilities and adapt after a breach helps to stop incidents from reoccurring.