ICONIC 2025 | ESRM -Why and How

Speaker: Stephen Mathezer, Vice President, Service Delivery & Innovation

Event: iCONIC 2025 | June 5, 2025

In this session, Stephen Mathezer introduces Enterprise Security Risk Management (ESRM) as a strategic approach to align cybersecurity efforts with organizational mission and risk. He challenges the common checklist approach to security, emphasizing the need to understand the "why" behind security investments and focus on protecting what matters most.

Stephen explores the complexities of today’s security landscape—including tool sprawl, skills gaps, and poor integration—and explains how platform-based approaches and strategic outsourcing can help organizations simplify, scale, and get better value from their cybersecurity programs.

He also highlights the shortcomings of cybersecurity education, the importance of business understanding and communication skills, and the benefits of "talent on demand" models for specialized expertise.