Everybody knows the fable of Henny Penny, the chicken who insisted that the sky was falling and the world was coming to an end because an acorn fell on her head. But what most people don’t know is how this tale resembles the attitude of many security professionals as they go about their daily business. This year’s East Tennessee Cyber Security Summit is giving some of us a chance to pause for a moment and ask ourselves if our security posture could survive a few acorns dropping on our heads.
At the conference, I’m looking forward to starting a conversation with those who attend my presentation on how best to manage global risk. Beyond a shadow of a doubt, our perceptions of risk have changed dramatically over the last 10 years, and just the number of things CSOs need to secure is growing by the day. Our jobs have become evermore complicated as the borders of our organizations are eroded by a mobile workforce. The amount of data we need to store, both as a result of volume and to meet regulatory compliance requirements, is increasing as its value to criminals increases. As if these issues weren’t challenging enough, we also need to contend with the perception of increased natural and manmade disasters, courtesy of the 24×7 news cycle.
My colleagues and I confront these issues every day as we work to keep our company, our employees, and our customers one step ahead of the security challenges we know, and suspect are out there. And this task is definitely more pressing now that we are in the midst of preparing for the 2012 London Olympics. The way I look it at — while this task seems daunting, my team has the opportunity to turn this monumental task into an opportunity to build more robust processes and security practices if we approach these challenges through a risk-based approach.
If you’re not able to be at the ETCSS and you’d like to know more about my team’s risk-based approach, a few of my thoughts can be found in this post, or leave me a question in the comments section.
By Jill Knesek, Chief Security Officer, BT Global Services
