The conference's second "SINET Thinks Forward" talk was given by Roland Cloutier (Senior Vice President and Chief Security Officer, ADP).
Cloutier outlined five fundamentals: a successful program should be converged, by design, with active decisioning, transparent integration, and ubiquitous ecosystem defense.
Convergence comes down to focus and total cost-of-ownership.
Security by design is security as a component of quality.
Active decisioning combines risk, control, and cost data. How do I get to the level of risk reduction? It should enable an organization's security managers to make sound decisions at the time of an incident.
Transparent integration preserves security without degrading user experience and imposing high costs.
Ubiquitous ecosystem defense is the toughest fundamental to address. It asks everyone, where does your job stop? And that, Cloutier, concluded, is particularly difficult with widespread migration to the cloud and an increasingly sophisticated understanding of third-party risk.