01 February 2015

Think Tank: Leadership of Security Risk Professionals...

"Leadership of Security Risk Professionals" is in the operational risk management think tank.  A program being designed for corporations and other organizations who are raising the bar in their personnel skills, risk knowledge and corporate stewardship of their respective silos of enterprise security risk.

If you think about the typical organization who have dozens of risk managers spread across Legal, Human Resources, Finance, Information Technology and Facilities/Real Estate; they all have their own individual silos and risk landscape.  The challenge is to develop a strategic leadership program for these people and the respective skill sets they all should possess, to provide effective Operational Risk Management in our modern day dynamic enterprise.

This strategic program developed to address "Leadership of Security Risk Professionals" (LSRP) shall have several key modules:
  • Behavioral Indicators
  • Organizational Factors
  • Personal Factors
  • Information Communication Technology (ICT)
  • Situational Awareness
  • Continuity of Operations
  • Incident Command
  • Crisis Response
Wrapped around all of these educational modules shall be practical exercises, realistic scenarios and hands on testing in a simulated environment.  All delivered within the secure facility of an off-site location, where everyone eats, sleeps and learns together over the course of 2.5 days.  The think tank outcomes so far, have expressed a desire to also include a hands-on layer.  This will be devoted to counterintelligence awareness building and the active pursuit of economic espionage, trade secrets and intellectual property theft.

The LSRP program is currently being architected and will be formally launched in early 2015.  In the mean time, we would like to know what you would like to see included, in terms of skills learned and practiced.  What are the sub-topics that you think the program should not leave out or that should not be over done?  The global nature of business environments and the pervasive use of ICT for traditional core office functions are now blending with social media.  Now the risks become even more diverse, ever more so dynamic.

The convergence of thinking by security risk professionals in an organization is paramount to effective enterprise stewardship.  Does the HR recruiter and the Chief Security Officer think the same about what are red flags in the background check of a new potential candidate?  Does the IT admin think about the same red flags that the finance auditor loses sleep over every night?  Probably not.

The point is that the myriad of security risk professionals inside the organization have there own focus on the red flags that are in their respective domains, not all the others inside the same company. This is a key metric for the outcomes as a result of the delivery of the LSRP educational and skills based program.

We look forward to your ideas, thoughts and comments about "Leadership of Security Risk Professionals" in the weeks and months ahead.

No comments:

Post a Comment