Last month I received a letter from the president of the University of Washington that conferred my appointment as an emeritus faculty member, a singular honor.
“n. one retired from professional life but permitted to hold the rank of his last office as an honorary title. Emeritus status is an honor conferred by the university to show respect for a distinguished career." (Merriam-Webster)
Many of you have already suspected that retirement from the fields of operational risk, governance, cybersecurity, or information ethics, policy, and law is just not in the cards for me. I am trying to manage myself and ASA by working fewer hours, but the world continues to present us with unprecedented challenges.
Later this month, I will be the guest on a RedSift podcast, talking about “Boards, C-Suites, Risk and Cyber.” I expect we’ll discuss the recent Securities and Exchange Commission rulemaking on breach reporting, as well as new required reporting on the level of oversight that board members provide. Another likely topic is a white paper I wrote in 2022 for the Board Risk Committee titled “Ensuring an Ethical Lens on the Board Selection Process.”
This month, I’m also appearing on Mike Howard’s podcast series, which is devoted to what he calls “selfless leadership” topics. Authorship and podcasts are Mike’s new interests, having retired after 16 years as Chief Security Officer at Microsoft and a prior 22-year career with the Central Intelligence Agency.
It’s nearly time for the annual fall conference of the Puget Sound chapter of ISACA, and I’ll be speaking on the second day of the conference (September 12) on the digital trust landscape, arguing for greater public-private partnerships in the Pacific Northwest.
Later in September, I’ll be interviewed on many aspects of my career – as a small business entrepreneur, a financial services executive, and a risk expert in a podcast hosted by EXP Technical.
At the same time, I’m taking time to reflect on how the shape of ASA will evolve, given that I have more time now for writing and speaking.
The key areas that I’ll be sifting through include:
The proper role of government in a democracy.
The importance of the rule of law.
Working harder to create a worldview around public health, climate change, gun control, immigration, and education.
The need for greater collaboration between government agencies like CISA and FEMA and the private sector, given the barrage of data attacks and increase in natural disasters in many parts of our country.
The level of confidence we can have in the custodians of our data, including the role of emerging, largely unregulated technologies.
A review of standard incident and emergency management protocols on disasters, to envision what needs to evolve, given our rapidly changing climate.
The upcoming election seems to have constrained the amount of time spent by either the public or private sector on these areas. We are clearly running out of time. We need something more than band-aids patched on old protocols to move forward. We’re working on the ASA website now and expect to roll it out with a different look and feel in mid-September. We have one last (seventh) volume of Reflections on Risk to publish. The podcast series that I am creating – What’s At Stake -- will roll out by the end of 2023. The aim of these projects is to situate ASA at the center of our national discussions of policy and practice. The scope and scale of the issues all of us face is truly daunting, and what remains essential is continued thought and engaged conversation.