The Alliance for Enterprise Security Risk Management: A partnership of the three leading international security organizations, formed to address issues surrounding the convergence of traditional and logical security.

Dave Tyson

City of Vancouver

Dave Tyson, CISSP, CPP, is the chief security officer for the City of Vancouver. Over the last few years, he has become not just one of the thought leaders in the field of security convergence, but one of the few practitioners to successfully implement convergence in a complex, multi-stakeholder environment—in this case, one of the world’s leading cities.

The requirement of a major city to provide its citizens and stakeholders with the full spectrum of public services—from parks to policing—inevitably exposes the organization to broad and diverse risk. Tyson’s role as CSO, the senior manager responsible for both IT and physical security, is to identify and mitigate that risk in its many forms. Originally appointed to head up IT security for the city, Tyson quickly identified the potential for convergence and proposed an innovative, results-focused development model for security. Having gained the confidence of city managers—as well as a new role and job title—he set about making his plan a reality. He merged guard operations and IT security policy compliance, risk assessments, investigations, deployment, and even storage of CCTV.

“Effectively,” says Tyson,”we have brought together our physical and IT security and integrated them into a formal, collaborative, strategic approach.”

Amongst his achievements was moving CCTV archiving to a storage area network (SAN), thereby reducing the need to purchase DVRs and NVRs. By placing 3.5 Terabytes of data on SAN distribution at a cost of $15,000 the city will see a reduction of $500,000 in storage costs over the next five years.

Thanks to Tyson, Vancouver now stands at the leading edge of converged security, one of the few North American cities—and the only one in Canada—to possess a converged security function.

Tyson learned physical security the hard way. He started out as a security guard for one the West Coast’s leading guarding companies, eventually ending up as its vice president. It was approximately 10 years ago that he realized the importance, and the inevitability, of security convergence. When he earned his MBA, he chose digital security management as his specialty, recognizing the important role that such a discipline would play in the future. To enhance his hands-on knowledge of IT security, he studied for, and gained, his CISSP certification. This, in combination with his CPP, gave Tyson a breadth of expertise that few security professionals possessed. He is currently pursuing CISM certification.

His MBA led in part to his appointment as a consultant with IBM Global Services. At IBM, he worked with numerous Fortune 500 clients, helping to move them toward an enterprise view of risk management, bringing IT and physical security together. He worked for clients in 14 countries across North America and Europe. At this time, he began writing on the subject of convergence.

Today, Tyson is the 2006 IT Security Council Chairman for ASIS International and is currently in the process of finishing a book (for publishers Butterworth Heinemann) about physical and IT security convergence and, more importantly, how to achieve it. Tyson is in constant demand on the international speaking circuit and misses no opportunity to preach about the benefits of convergence. He believes that one of the biggest challenges is education and, in addition to his extensive writing and public speaking, he has worked with ASIS and (ISC)2 to design a cross-promotional program to introduce traditional and IT security professionals to other certifications.

Until recently, Tyson also sat on the national CIO Subcommittee on Information Protection, an organization composed of the provincial IT security leaders and the federal government, and representing municipalities through the Municipal Information Systems Association.

Tyson is also a member of ISACA and the Information Systems Security Association (ISSA), and he has been involved in the alliance that has been formed by ASIS, ISSA and ISACA to address convergence and enterprisewide risk management.

Dubbed “Mr. Convergence” by Canadian Security Magazine, Tyson has not been content to simply lead his own organization down the path to convergence, but has also worked tirelessly to become one of the leading evangelists of the discipline on the international stage. He is a worthy candidate for the AERSM Excellence in Security Convergence Award.

 

 

 

 

Copyright © AESRM 2008, All Rights Reserved.