ESRM – Your New Superpower

It’s a bold statement – ESRM is your new superpower!  But it’s one I truly believe in and have tried to bring to life for the past decade and a half.  We can positively influence the success of our organizations if we implement our security programs following the philosophy of Enterprise Security Risk Management, or ESRM.

I’ve been presenting the value of developing a risk-based approach to security programs since 2008 and writing about implementing security programs using the principles of ESRM back in 2011.  I know, I know…that’s a long time to keep focused on one topic!  But I believe in this approach so much that I started TaleCraft Security based on the idea that you can create a resilient security program using ESRM.

The research and body of knowledge surrounding ESRM has grown over these past 15 years from the initial forays into talking about risk, to textbooks dedicated to ESRM, and now global guidelines on how to implement a program and assess its maturity.  We’ve seen the resurgence of ESRM, watched how ASIS announced its commitment to this security management philosophy, and seen how other security associations are referencing the approach.

How can this become your superpower?  You need someplace to start.

That’s where TaleCraft Security comes in.  What if you could reach out to someone who’s been in your position, saw the value of ESRM, and adapted this philosophy to their organization?  And that it happened a few times, in a variety of industries?  What if you could learn from their mistakes, replicate their success, and build your own path to becoming a trusted advisor to your executives?  What if you reached for that cape?

It sounds far-fetched, I know.  But I’m proof that you can really do this! 

The challenge for me, earlier in my career, was figuring out what role Security really plays in an organization.  I started my career watching leadership teams battle with executives and other departments for budget, relevance, and acceptance.  I saw firsthand the “no” culture created by security departments: no, you can’t do this because it’s against policy/process/standards.  I watched my leadership kill initiatives because it was “too risky”, or that they weren’t willing to accept the risk.  Well, it was never our risk to accept!

Now, you have an opportunity to change that thinking by using ESRM as your framework.  You can gain this superpower by learning what it takes to design and implement an ESRM based security program from someone who’s done this before.  And you get to see first-hand how to mature from being a “security” leader to becoming a “trusted business advisor” using the principles of ESRM.

Book a session now with TaleCraft Security and let’s work on getting you that cape.