Jonathan Calof's picture
Changing the dialogue – Securetech Day1
Posted on Nov 26, 2015

I will focus on three of the many elements of what I saw on Day One of the Securetech conference, to drive home the importance of what I saw at the event.

Networking and dialog – As those who follow my articles on columns on Event Intelligence know, I view trade shows and conferences as unique opportunities to collect information and develop networks. Normally We concentrate on discussions at booths or questions asked of speakers, and Securetech has not disappointed on either front (see for the agenda for the event).  What struck me on the first day, however, was how much more of the dialog was taking place in the aisles of the trade show and at individual tables of the conference track. This is clearly the opportunity to reconnect or even connect with those in your industry. I walked the floor with one delegate (an ex-student) and noted that he did not make it even half way down one aisle in two hours as far too many people wanted to speak to him!! This is among the more “social” shows that I have seen, and a testament to the value of smaller, more focused events from a basic networking perspective. 

A new “look” for government – The innovation stage (aptly named for what you see at it) had presentations from several organizations including two from the National Research Council. Apart from the fascinating material, it was evident that these civil servants are following the new Prime Minister’s directive and are very open about their work – and the interaction did not end at the stage. FronLine Safety and Security has, in its most recent issue, an article based on interviews at the NRC – a process that was refreshingly swift. These scientists are eager to talk about their progress. Kudos to Steven Gwynn from the NRC, not just on his presentation on simulating safety and security (a discussion on the tools that the NRC has created, and readers will want to find more about), but for also putting on an excellent presentation even when the technology cut out on him. You represented the NRC well in what even the most seasoned presenters find to be a difficult situation.

Interesting dialog in the conference.  Space prevents me from giving a recount of all seminars and speeches. but let me focus on cybersecurity, the subject of one of the conference tracks and the keynote luncheon speech by RCMP Commissioner Bob Paulson.

Commissioner Bob Paulson keynote speech to Securetech attendees.

The conference track had John Proctor (CGI Canada), Paul Ionescu (IBM), Abhay Raman (Ernst and Young), and Ashok Sankar (Raytheon). Between the four track speakers you have broad experience that they were clearly willing to share with the audience. The key message of the four and of the RCMP commissioner though was fascinating – changing the dialog and perspective around cybersecurity.   On the surface it was a stark and scary message from all about how while “prevention” of cyber incidents is desirable it is not the sole objective in cybersecurity, nor is it fully realizable. Mitigation of damage should also be a focus and, in fact, the role of the Chief Security Officer is also changing – from the "office of no" as one speaker described it, to a "business enabler." In other words, given the reality of cybersecurity threats (you will not prevent them all), how do you help the business “work” rather than get tied down in constant minutia of security protocals? This changing role is also demanding thought to a change in reporting relationships with a more direct line to the CEO.  The need for dashboarding of cybersecurity, including new metrics that reflect this new reality, including “dwell time” (the amount of time that hackers spend in the system). Note this is not about preventing the hacker from intruding into your system but minimizing the time in the system. Again a movement towards mitigation.

Finally, all speakers focused on the need for better threat intelligence systems. Again there is much more that the speakers talked about and perhaps I will write an article around it for FrontLine.

– Jonathan Calof Professor, Telfer School of Management