If you were to secure a room you would kick everyone out of the room and then you would lock the doors and announce the room was secure. But now, since no one can go in the room and use it, it’s not functional. That’s why discussions of security must really be about risk management and they need to be about how do we make services people want to use, like the room, functional, explained Bobby Ford, vp, global CISO, Unilever in our conversation at Cybertech in Tel Aviv.

Ford and I went into a long discussion about risk management and who should own the risk. We generally think the business, but there have been arguments for having security owning risk. See Bobby’s reason why you don’t want to do that.

Got feedback? Join the conversation on LinkedIn.