“To succeed, Security & Risk leaders need to be part of the business strategy.” If I had a nickel for every time I’ve heard someone give some variation on that piece of advice, I’d be rich. As you all know, that’s an easy thing to say but a difficult thing to do. And that’s particularly true now, because our business leaders today are prioritizing growth – they’re entering new markets and releasing new products and services to grow revenue. Your business will unleash the creativity of its entire extended enterprise ecosystem – employees, partners, suppliers, and current customers – to find new ways to win and serve new customers. And your extended enterprise will connect via mobile and social applications and use cloud services. 

And no, this is not the part where I caution you about all the terrible things that can happen to your company thanks to those innovative technologies from consumer-land. Instead, I’m going to echo my colleague Chenxi Wang’s wise advice: “Run at the threat.” To deliver on our core mission as Security & Risk professionals – safeguarding intellectual property, managing third-party risk, complying with regulations, and anticipating the next cybersecurity threat, etc – we need to seek out these efforts to reach new customers and join them. Paradoxically, the best way to keep our firms safe is to partner up with the developers, channel salespeople, marketers, and end customers who we’ve traditionally viewed (if we’re honest) as “part of the problem.” My whole team and I, plus Security & Risk leaders from GoDaddy, Harland-Clarke, and Nationwide, look forward to working with you on these issues at Forrester’s upcoming Security Forum on November 9-10 in Miami. For a sneak peek into the content, check out this short video.