Tony Spurlin
ISE® North America People's Choice Award Winner 2005
ISE® Southeast Project Award Winner 2016
Since I last spoke with T.E.N. for my original Success Story, I have transitioned into a new position. As of March 2016, I now work with EarthLink as their Vice President and Chief Security Officer—and I can in part thank T.E.N. for this success. T.E.N.’s events provide the opportunities to get out into the community; exchange ideas and learn from other CISOs; and demonstrate the projects that teams have worked diligently on to improve their Information Security strategy. I believe the combination of all these benefits helped contribute to my new place within EarthLink and to my ever-growing success on their team.
I have continually engaged in T.E.N.’s events through the years, and I believe one of the key aspects of these events is connecting with peers in the industry to exchange industry ideas and solutions. I have learned a lot just by listening to other security professionals at T.E.N.’s events discuss their successes and failures—and no executive’s experiences are ever the same. As a result, during each ISE® Program event my teams garner a wealth of unique knowledge from the fellow security professionals we speak with and listen to. We can then apply their ideas and pieces of advice to our own strategies, avoiding future mistakes and uncovering further success, which inevitably improves our overall security strategy. The way the ISE® Programs are set up—to facilitate communication and idea sharing—has been incredibly beneficial to the expansion of my and my team’s Information Security toolkit.
I really enjoy the format of T.E.N.’s ISE® Programs—in particular, I appreciate the roundtable discussions during the Executive Forum events. Rather than a large crowd of executives participating in the same general topic, during the roundtables each individual table had a unique topic with a concentrated set of professionals. Having designated groups focused on one topic allows us to all participate and engage with one another on a very in-depth level, discussing current topics, solutions, and experiences in the industry. I cannot think of one ISE® event I have attended where the discussions and panels weren’t incredibly useful and extremely relevant to the current trends or challenges we’re facing in Information Security.
Furthermore, if a particular security professional wants to meet with a specific vendor in an amiable, relaxed setting, where else would they find that unique brand of communication but at the ISE® Programs and Private Dinners? While plenty of security events around the country offer vendor interaction, many times their purpose is far more focused on sales and pitching. But vendors who attend T.E.N.’s events are there to establish relationships with these professionals more than to sign contracts, which allows executives to feel more comfortable and open to interaction. Though the ISE® events are certainly business-centric and focused around professional topics, T.E.N. is nonetheless able to strike a delicate balance between “casual” and “professional” at their programs. Because of that, guests are comfortable sharing ideas and speaking with solutions providers without worry.
Because T.E.N. holds a magnifying glass over Information Security, putting a significant amount of focus on the industry, organizations have no choice but to take notice of what their security teams are accomplishing. For example, one of the most important changes in my personal career as a CISO is my strengthened communication with my organization’s board of directors. Think about how the Information Security industry started—security teams were a small piece of an organization, rarely receiving due recognition or full cooperation within companies. But now, each quarter, I have thirty focused minutes in front of the board to discuss our strategy progress, potential risks, status of compliance, and more regarding the company’s Information Security. The board cares about our department and what our work means for the organization as a whole, and I can thank T.E.N.’s events through the years for that change. Connecting CISOs together, allowing them to collaborate on ideas and industry topics, and celebrating their successes and ventures in their work at the ISE® Programs has paved a path for IT teams and their InfoSec strategies to rise up in the ranks of significance within organizations around the country. Without T.E.N.’s dedication, I don’t think that would have ever been possible.
One of the biggest problems for this industry is getting teams and CISOs in front of people to talk and share their ideas and strategies. That makes these ISE® Programs all the more important—the exposure and recognition they provide are invaluable, especially as an ISE® Awards nominee. Should you nominate yourself or your team? Absolutely. In fact—why not? Information Security teams work very hard throughout the year to implement successful new programs that should be shared and applauded; and CISOs deserve just as much proper recognition in the industry for their leadership, continued diligence, and passion. When these leaders and teams participate as nominees, all the professionals in attendance learn about their progress, innovative projects, and what worked best for their organization. The ISE® Awards and Programs prove to us that, yes, we are bettering this industry. We are making a difference.
As Information Security professionals, we focus very intently upon protecting our organizations as our main goal. But throughout my career I have learned that we have a second, equally important goal: creating the next generation of industry leaders. For Information Security to prove valuable and continue to succeed in a rapidly developing world, we have to recognize the new professionals who are rising up in the industry. One day these pioneers will take up our places after us, and the ISE® events are the perfect opportunities to lift up these new professionals and provide them with the advice and knowledge that they require to move forward.
I will continue to be an active and willing participant in T.E.N.’s programs until I can figure out how to make myself retire. I’ve watched T.E.N. develop throughout the years and aided them where I could—and they continue to amaze me. Their organization is developing and growing rapidly, and yet they are still able maintain a team-oriented, welcoming environment not only at their events but in their communication with security professionals. Each year T.E.N. continues to refine their events, develop even better programs, and encourage engaging, thoughtful discussions. T.E.N. and their ISE® Programs are helping shape the industry and improve Information Security for the better. That is an incredible legacy! They pull off small miracles every day.