On May 2, 2024, a group of Chief Security Officers (CSOs) and other well-known security leaders gathered for a thought-provoking focus group discussion on the future of security departments. The session, hosted by Effortlo, revolved around one central question:
"How different will your department look next year, and in five years?"
The conversation was rich with insights, highlighting the evolving landscape of security operations, budget constraints, skill development, and the integration of new technologies.
The Budget Conundrum: Doing More with Less
The overarching theme of the discussion was the ubiquitous challenge of managing tighter budgets. It was noted that nearly everyone is being asked to tighten their budget, emphasizing the pressure to work smarter and more efficiently. This set the stage for a series of discussions on innovative approaches to managing resources effectively.
One company has been realigning its #security organization with its mission, focusing on strategic risk management and governance. The shift towards prioritizing investments and local risk ownership aims to drive efficiency while maintaining robust security measures. Additionally, the importance of aligning security goals with the company's strategic plan was underscored.
“How might we effectively focus on the key priorities that must be addressed by global leadership to ensure comprehensive strategic risk management and the efficient use of budget?” -Josh Carver
Skill Development: The New Security Professional
A significant part of the discussion revolved around the evolving skill sets required for modern security professionals. There was an emphasis on the need for business acumen, communication skills, and a multidisciplinary perspective. #Securityleaders now need to understand various business functions to protect and support their organizations effectively.
The importance of investing in employee development was also highlighted. Organizations can build a versatile team capable of handling diverse challenges by training security personnel in various disciplines. This approach not only enhances security capabilities but also helps in reducing human risk by showing employees that they are valued and invested in.
High-Level Talent vs. Tactical Employees: A Strategic Shift
One of the most poignant discussions focused on the strategic shift towards recruiting more high-level talent rather than just tactical employees. It was stressed that individuals with business #education backgrounds who can understand the complexities of the business and align security measures accordingly are essential. This shift aims to enhance strategic capabilities and ensure security teams can contribute to broader business goals.
"We have to educate ourselves and become business savvy. I've been a security professional for the first 20 years of my career, and in the last 10 years, I've evolved into being a business leader." - Matt Blowers
The difficulty in finding well-rounded security professionals who can handle both strategic planning and #crisismanagement was highlighted. While some teams are still in a growth phase, the focus is on maximizing the efficiency of the current team and leveraging technology to reduce dependency on headcount. This balance between strategic thinkers and tactical doers is crucial for the future success of security departments.
Proactive vs. Reactive Security: A Balancing Act
The need to balance proactive and reactive security measures was also discussed. While it's essential to prepare for emergencies, it is crucial to enhance response capabilities. The Ukraine-Russia war was cited as a case where strategic response and situational awareness at the executive level were crucial.
Insights into the integration of #AI and other technologies to monitor behavior and detect early warning signs of potential threats were shared. These technologies can provide early indicators, allowing for timely interventions before issues escalate.
Leveraging Technology and AI: The Future is Now
One of the most exciting parts of the discussion was the exploration of how technology and AI are transforming security operations. The use of Physical Identity and Access Management (PIAM) systems for badge access was highlighted, providing a significant return on investment by automating manual processes.
AI tools that enhance security by predicting and #mitigatingrisks were also discussed. These tools can monitor communications and behaviors to detect early signs of potential issues, enabling proactive measures and reducing reliance on human resources.
Addressing Insider Threats: A Proactive Approach
The critical issue of #insiderthreats was also addressed. The importance of proactive measures and integrating AI to predict and prevent insider threats was emphasized. By using tools that classify data and monitor behaviors, organizations can protect themselves from internal risks more effectively.
Recruitment and Retention: Finding the Right Talent
The challenges of recruiting and retaining the right #talent were also touched upon. The need for individuals with business education backgrounds who can understand the complexities of the business and align security measures accordingly was stressed. The difficulty in finding well-rounded security professionals who can handle both strategic planning and crisis management was echoed.
"It's really about finding people with both the strategic mindset and tactical skills. It's a challenge to find well-rounded security professionals who can handle strategic planning and crisis management, but it's crucial for the future success of security departments." - Jason Maddix
Key Takeaways
The #CSO focus group provided a wealth of #insights into the future of security departments. Here are the key takeaways:
Budget Optimization: Managing tighter #budgets requires innovative solutions and strategic planning.
Skill Development: Multidisciplinary skills and #businessacumen are crucial for modern security professionals.
High-Level Talent: There is a strategic shift towards recruiting high-level talent with business acumen rather than solely tactical employees.
Proactive Security: Investing in response capabilities and #leveragingtechnology to predict and mitigate risks is essential.
Technology Integration: AI and other technologies can significantly enhance #security measures and reduce reliance on human resources.
Insider Threat Management: Proactive measures and AI tools are vital to predict and prevent insider threats.
The discussion concluded with participants agreeing to continue sharing resources and insights to help each other in strategic planning and budget management. The group's collaborative spirit highlighted the importance of community and knowledge-sharing in navigating the evolving landscape of security operations.
About Effortlo
Effortlo is the world’s only marketplace for security resources that helps companies operate a lean and efficient security program by providing effortless access to a wide range of global experts with one agreement and one payment. With transparent pricing and a hassle-free (Airbnb-like) model, effortlo allows customers to work directly with security experts to expand their capabilities, meet deadlines, and stay within budget. We're also the only platform enabling any validated security expert to discreetly promote their skills and expertise to the greater security community.
Contributors/Attendees to the CSO Focus Groups Include:
Josh Carver – Chief Security Officer at Schneider Electric
Matt Blowers – VP, Global Real Estate and Facilities at BorgWarner
Jason Maddix – Corporate Security Director at Republic Services
Rich Streeter – Chief Security Officer at PwC
Rusty Wallace – Chief Security Officer at Veritiv
Roy Lemons – Chief Security Officer at International Paper
Carlos Galvez – VP, Global Security, Facilities and Financial Intelligence at Oportun
Marty Bishop – Senior Director Global Security at Analog Devices
Matt White - Director Of Corporate Security at TE Connectivity
Reigna Zeigler – Global Director - Emergency Management & Continuity
Veljko Ognjanovic – Corporate Security & Business Continuity Manager at Syneos Health
Tom Edwards – Director of Global Corporate Security at Airbnb
Jeff Dean – Sr. Director, Physical Security & Employee Safety at Databricks
Claire Campbell - Chief Security Officer at Moneycorp
Scott Fischer – Sr Manager, Global Security at James Hardie
Lindsay Siefman – Sr. Mgr. Regional Security & Crisis Management
Susan Goggin – Director, Global Head of Safety & Security at Airbnb
Plus other Chief Security Officers / Global Security Leaders.
And aided by the effortlo "Executive Resource Council."
Bruce McIndoe – President McIndoe Risk Advisory and founder of iJet/WorldAware
Richard Widup – President of The Widup Group & former President of ASIS
Sulev Suvari – Principal of Levvari, fmr Global Head of Safety, Security & Resiliency at HP
Jon Harris, MBA, CPP, PSP – Sr. Product Manager, HiveWatch
Robert Chamberlin – President & Founder of Security 101
Brittany Galli – Founder of MoboHub & Chair of ASIS Women in Security Group
Steve Lisle – Ambassador for Reducing Effort – Founder of effortlo.
Dr. Steve Albrecht – WPV and Threat Assessment Expert
Mike Osborne – former Chief Security Officer at Kinross
Karan Uthaiah – Founder of TASC and former Head of Global Resilience at HP Shawnee Delaney – CEO and Founder of Vaillance Group