RETIRED CONTENTPlease note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.
- Adrien de Beaupre, Certified Instructor, SANS Institute
- Clay Wilson, VP, Global Security Operations, Foresite
- Jason LeDuc, VP, Consulting Services, Foresite
- Atif Ghauri, Chief Technology Officer, Herjavec Group
- Chester Wisniewski, Senior Security Advisor, Sophos
- Curtis KS Levinson, United States Cyber Defense Advisor to NATO, North Atlantic Treaty Organization
- Gwen Beauchmin, Director Canadian Cyber Incident Response Centre, Public Safety Canada
- Jason Bevis, Global Director of Deployment and Integration, Mandiant division of FireEye, Inc.
- John Lamboy, CIO/Chief Information Security Officer, eKohs
- Jon Miller, VP, Strategy, Cylance
- Ken Piddington, Chief Information Officer and Executive Advisor, MRE Consulting
- Krag Brotby, Principal, Brotby & Associates
- Michael Brozzetti, Principal, Boundless LLC
- Michel Fossé, Consulting Services Manager, Information Security/IT Governance, Risk & Compliance, IBM Canada (LGS)
- Peter Davis, Principal, Peter Davis & Associates
- Rafael Etges, Executive Advisor – Cyber Security, Strata Advisory Group
- Rob Marano, Co-Founder, The Hackerati, Inc.
- Robert Hawk, Secure Network Designer/Risk and Security Assessment SME, BC Hydro
- Scott Harrell, VP, Product Management, Cisco Systems
- Stephan Jou, Chief Technology Officer, Interset (formerly FileTrek)
- Steve Woodward, CEO, Cloud Perspectives
- Alex Tosheff, CISO, VMware
- Brian O’Higgins, Executive Fellow, Mistral Venture Partners
- Security leaders must proactively monitor and evaluate major IT trends, the threat landscape, and the security market to identify input for strategic business initiatives and to become trusted advisors to the board.
- Security leaders are short on resources to fight existing fires, let alone to allocate resources to develop forward-looking insights into what may happen to their organization.
- They will need to be able to present a strong security perspective on the latest security trends if they are to be taken seriously and earn a seat at the C-suite table.
Don’t be caught unaware about something that you didn’t know existed.
- Security is not included. For almost any new disruptive technology being presented to the market, security is not included or supported by the manufacturer or seller.
- Don’t be the Death Star. Not only do security threats change and evolve, vulnerabilities can appear overnight and can be just as harmful.
- Security has left the building. Security is moving more into the hands of the experts and out of individual organizational control.
Impact and Result
- Proactively evaluating the security impact of major disruptive technology trends, threat landscape developments, and security market trends can provide a highly security-intelligent, managed risk approach to security spend.
- The CISO or security team can leverage this forward-looking understanding to influence business strategy decision making in order to realize more overall security value.
- You will have a well-defined and understood approach for monitoring and evaluating major IT security trends and opportunities.
- There will be enablement of the CISO or security leader to be prepared for eventual conversations and requests from business units and the CEO so that they may turn ad hoc security into a long term proactive program that will no longer impede business changes.
1. Make the case for looking forward, as well as proactively planning for disruptive security trends
Prepare for the likelihood of market or technology disruptions.
2. Assess disruptive security trends’ relevance to the organization through stakeholder assessments
Adapt the organization to prepare for disruptive security trends.
3. Assess current security maturity and capability levels
Assess the organization’s risk profile to better understand the relevance of certain trends.
4. Identify and prioritize actionable disruptive security opportunities
Identify which disruptive technology trends are relevant to the organization and develop methods to take advantage of them.
5. Create an action-orientated communication plan to gain stakeholder buy-in
Develop a communication plan to strategically address these trends, threats, and tactics.
This guided implementation is a seven call advisory process.
Guided Implementation #1 - What to be aware of
Call #1 - Discuss project priority and develop goals and benefits.
Call #2 - Discuss disruptive security trends and respective insights, as well as how best to communicate them.
Guided Implementation #2 - What is relevant
Call #1 - Discuss your current security maturity and capability levels.
Call #2 - Discuss disruptive security trends’ relevance and prioritization.
Call #3 - Identify internal resources and how to translate security requirements into specific actions.
Guided Implementation #3 - How to communicate this
Call #1 - Develop your communication plan by setting your goals, determining audiences, and customizing content.
Call #2 - Execute your communication plan in order to receive stakeholder buy-in and gain resource allocation.
Book Your Workshop
Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Module 1: What should I be aware of?
- Make the case on why you should not only be looking forward, but also proactively planning for disruptive security trends.
- Assess disruptive security trends’ relevance to your organization through stakeholder assessments.
Key Benefits Achieved
- Identified specific project goals.
- Determined trend relevance from educated stakeholders.
Present disruptive technology trend to business stakeholders.
- Relevance of the technology trends to the business, as viewed by the business stakeholders.
Collect their input via a survey.
Present disruptive security trends (including technology trends, threats, and mitigation tactics) to all IT staff.
- Relevance of all the security trends, as viewed by the IT and IT security staff.
Collect their input via a survey.
Module 2: What is relevant to me?
- Assess current security maturity and capability levels.
- Identify and prioritize actionable disruptive security opportunities based on trend relevance and company risk profile.
- Determine security actions specific to each trend.
Key Benefits Achieved
- Evaluated current security controls and determined future requirements.
- Prioritized trend-specific actions.
Assess your risk profile.
- Risk profile and security assessment of your organization’s controls.
Assess current security control capabilities and maturity levels.
- Prioritization of the security trends, along with specific actions for your organization.
Prioritize trends, threats, and tactics to properly allocate your time and develop specific actions.
Module 3: How do I communicate this?
- Create an action-oriented communication plan to gain stakeholder buy-in.
Key Benefits Achieved
- Customized communication plan.
- Gained stakeholder buy-in.
Identify goals and objectives for your communication plan.
- Identified goals and objectives.
Determine who your stakeholders are and what they need to know.
- Identified stakeholders and the pertinent information to each audience group.
Evaluate your communication methods.
- Set communication plan to raise awareness and gain buy in from your stakeholders.
Communicate the security issues with your stakeholders.