Client–Industry Consortium for Advancement of Security on the Internet
Service: Business Performance—Strategic Planning Consulting
The Industry Consortium for Advancement of Security on the Internet (www.ICASI.org) is a ground-breaking, non-profit, multi-vendor collaboration of global information technology leaders whose mission is to drive excellence and innovation in security response. ICASI was founded by Cisco Systems, IBM, Intel, Juniper Networks, and Microsoft in June 2008. The founders first conceived of the idea to launch a collaborative effort in the summer of 2007. With many details to work out regarding how these global companies could collaborate on sensitive security issues, what type of organization to form, how to fund it, etc., it took almost a year to prepare for the formal launch and public announcement.
In the spring of 2008, the steering committee was focused on ironing out the operational details of how members could collaborate in a meaningful way. Driving consensus among the members was particularly challenging. ICASI was the first attempt of these global technology leaders—each of which had its own objectives—to collaborate on this scale. Even within member companies, buy-in at the highest levels on the value of ICASI was tenuous. Not surprisingly, the bigger strategic picture had faded into the background as these details were addressed. Fortunately, ICASI leaders recognized a more formalized, strategic approach would be required if the fledgling organization were to launch successfully.
With only three and a half months to go before the scheduled public launch, ICASI engaged the Change Leadership Group (CLG) to provide a strategic marketing consultant to help the steering committee re-articulate the long-term vision for ICASI and put together a comprehensive marketing plan. Quickly grasping the complexities of the situation which included uncertainty about resource commitment and program funding, the CLG consultant developed several options for ICASI to consider. He then worked with the ICASI’s program manager and the steering committee members, both individually and collectively to clarify ICASI’s vision and mission, choose a path, and develop a roadmap that set the foundation for ICASI to move forward. Based on the plan, the CLG consultant worked with the member companies’ Public Relations teams to craft and approve a comprehensive PR plan for the official launch on June 26, 2008.
After the launch, ICASI extended the consulting engagement for Change Leadership Group to help produce its first deliverables. During its first six months of operations, with the help of the CLG consultant, ICASI developed the information technology industry’s first-of-a-kind Unified Security Incident Response Process (USIRP). Comprising a trusted forum and supporting processes, procedures, and tools, the USIRP enables Security Incident Response Teams (SIRTs) from ICASI member companies to collaborate quickly and effectively to resolve complex, multi-vendor Internet security issues. The CLG consultant’s research, insights, and strategic guidance helped to drive agreement amongst the five member companies’ incident response teams. This was no small feat considering that each team had its own well-oiled incident response process that did not include engaging other companies’ teams in a formalized way.
Throughout the engagements with ICASI, the CLG consultant continued to ask the hard strategic and tactical questions that people sometimes lose sight of. He helped the steering committee, and eventually the Board of Directors, maintain a relentless focus on delivering customer value.
ICASI officially launched in June, 2008. Since that time it has started to demonstrate value, both to its customers and to its member companies. In the summer of 2009, ICASI triggered the USIRP to address a global security threat. The successful use of the collaborative process to address this threat significantly raised the perceived value of ICASI in the minds of the member companies and of other vendors. This is evidenced by the fact that Nokia, a global leader in telecommunications, joined ICASI as a Founding member in September of 2009.
Critical challenges during the formation of ICASI could have led to the demise of this innovative organization before it ever got off the ground. The Change Leadership Group helped keep ICASI members aligned around a common goal and helped to guide the leadership through difficult decisions that set the foundation for future success. Thanks in part to the help of the Change Leadership Group, ICASI is now a viable, mission-focused, global organization working to drive excellence and innovation in information technology security response.
“Change Leadership Group’s contributions on the Unified Security Incident Response System project were instrumental in developing a common framework for communication and collaboration during security incidents.”
Senior Security Strategist
Office of the CTO, IBM Internet Security Systems
“The CLG consultant had a unique blend of technical expertise and marketing savvy that was the perfect combination for our project. He listened carefully to the stakeholders and distilled those inputs into a coherent, effective implementation and marketing plan. The consultant was an excellent sounding board for our concerns and challenged us to think outside the box and take a long-term view.”
Senior Information Security Analyst
Threat Intelligence and Infrastructure Protection