As many of you know, The Sage Group produces The Great Conversation in Security event every year in Seattle. In 2014, it will take place in Seattle on March 3-4 and in Washington D.C. on October 27-28. SecurityInfoWatch.com is our online media sponsor for the events.
The conference is unique. It attempts to capture “conversations” throughout the year that we identify through interactions with security executives, consultants, integrators and business executives.
The conversations are then distilled into a concentrated event featuring keynote speakers that have wrestled through the challenges and the opportunities that impact the value of the risk, resilience and security of their organization. It also features case studies and panel discussions that address the unique interaction between people within a role working within a security program process leveraging technology. It is within these interactions that metrics are established that will determine how effective a program is and how that will be reported to the business. Value is not just in the mitigation of risk, but also how efficient a program is in the use of its assets in mitigating that risk. And that includes business assets; people in other departments who must report on their value and risk mitigation activities.
We also partner with the Security Executive Council (SEC) to produce the Next Generation Security Leader (NGSL) program the day before the conference as an optional, tuition-based learning event for executives and their teams. This has proven to be a powerful lead-in to The Great Conversation, adding to the conversations from the academic, consulting and security leadership community. The SEC has been creating a “collective knowledge database” for years and they have leveraged this and their faculty to create a stepped approach to leading innovation and change within the security profession.
Here are some of the questions we have overheard being asked by the security ecosystem over the last six months:
- How do I create a common operating picture from the technology silos that we have installed over time in our facility?
- How do I help my team construct an information management architecture that can act as a standards guide to purchasing new security technology so that I do not get boxed in with proprietary systems?
- How do I manage and report on our security technology performance in a similar manner as IT does in its provisioning of enterprise systems? (e.g. downtime %, utilization, response times, etc.)
- How do I determine what parts of my program that I outsource: people and technology?
- How do I Identify the key metrics that will determine our value to our organization? Once identified, how do I deploy people, process and technology to effect these metrics?
- What assets should we be managing access to with a metal key, electronic tag or access card? (objects or materials, material handling equipment, transportation, etc.)
- Where should we be using multiple forms of authentication for access and why? (For example: should we be using video and/or biometrics in conjunction with a key or card to identify identity, time of entry and/or breach? Why? If so, is it a standard or relegated to only a few areas?
- How do we correlate, streamline, and continuously report on compliance to internal or external standards (such as health and safety) for the access and operation of sensitive areas, equipment or tools?
- How are these access points enforced, measured, and reported on today to adhere to these standards?
- What are the most common breaches to security access points per industry? What is the cost (time, money, risk) of each breach or potential breach?
We are actively conducting final surveys and plan on providing survey participants a free aggregated and redacted (for privacy) report at The Great Conversation. If you would like to participate in several of these surveys, please contact [email protected]. You can still contribute to the survey without attending but will be unable to participate in the conversations around these and other topics.
