Thoughts on "Risk and Responsibility in a Hyperconnected World"

Hat tip to Tim Dierking of Aclara for spotting and forwarding this January 2014 World Economic Forum / McKinsey report: "Risk and Responsibility in a Hyper-connected World." Tim pointed to a couple of excellent sections on cyber resilience and future scenarios which you'll find within, but I'm going to call out a different selection for your immediate consumption.

This below is taken directly from the McKinsey summary, which while not energy-sector specific, is right on the money, IMHO, on the culture, leadership and organizational dynamics aspects of what's needed to do security right in 2014+.  Here you go:

A CEO-level issue 

Given the trillions of dollars in play, the stakes are high. And given the range of social and business issues that cyber resiliency affects—for example, intellectual property, regulatory compliance, privacy, customer experience, product development, business continuity, legal jurisdiction—it can only be addressed effectively with active engagement from the most senior business and public leaders. 

Michael Assante Holds Forth on Cybersecurity Leadership

You've seen him here before, but for those not familar, his quals, in reverse chronological order:

• National Bureau of Information Security Examiners (NBISE) Founder, Pres & CEO
• NERC CSO
• Critical Infrastructure Protection Strategist
• AEP VP & CSO
• VP at several security start-ups
• Navy intelligence officer

Great background, right? Though he lives in the Northwest, he's pretty visible in DC as a frequent testifier on national security issues related to cybersecurity and critical infrastructure.

Here's an excerpt from a just published Q&A session I was lucky enough to engage him in. When asked:

 "... What can the energy & utilities industry learn and leverage from these other critical infrastructure industries?" Mike responded:

It is more the norm than the exception to find executive-level cybersecurity leadership in banking and telecommunications today. Years ago, both industries realized that protecting their networks, systems and data from attackers was a strategic imperative. And some industries have even gone so far as to police themselves with their own security standards. Now it’s time for electric utilities and other energy companies to elevate cyber resilience in their business planning and investment decisions.

You bet it is.

The interview is not too long ... only 4 questions, but I highly recommend you view his well-informed responses to all of them, which you can see RIGHT HERE.

Image credit: NewsMilitary.com