Grant Lecky: The Visionary

When Grant Lecky has a dream, he doesn't sit around and wait for someone else to make it come true. Instead, he does whatever it takes to make that vision a reality.

Case in point: In 2010, Lecky was finishing a master's degree in security and risk management at the University of Leicester. He got to asking why security is not considered a true profession in the business world and what would have to happen to elevate its status in Canada.

"I kept hearing that the industry is fragmented. People don't know how to find other experts in security in Canada," says Lecky. "There was no means to connect people. There was no body of knowledge." The problem was exacerbated by a poor economy, the large distances between many Canadian cities and the relatively low population density.

The solution, Lecky believed, was not to create another industry association-there were already so many of those, and they were generally ineffective. Instead, he envisioned a new kind of organization, a partner to security associations and professionals, that would form an agile network for sharing best practices and other information, and he made it happen surprisingly quickly.

After finishing grad school and while working as the departmental coordinator for business continuity and emergency management at Citizenship and Immigration Canada, Lecky founded the Canadian Security Partners' Forum (CSPF) in 2011. His colleague Bonnie Butlin was at his side and instrumental in the launch, he says.

Roughly a year after its birth, the organization already had 80 association members; now it has 119. A nonprofit, the CSPF does not charge a fee for participation, and gets all of its small budget from sponsorships.

"We're a friend to the associations," says Lecky. "In some cases, we are a magnifier for them. People have their associations, but they also have the forum to tap into and share best practices. It's about cross pollination and making security [and] public safety more professional." In his day job, Lecky evaluates security risk management, including hazards-related risks and business-disruption risks. "In my role, I have to build resilience for the organization. The way to do that is break down silos and share information," he says.

Being part of the forum makes people more resilient professionals. "If we have a resource to tap into to develop a better understanding of the risks we face, we become more resilient individuals. The forum is a resilient entity thanks to its community of best practices," he says.

In a country with 33 million citizens, the number of security professionals likely totals in the hundreds of thousands. "The amount of information that can be shared is just unbelievable. Information and best practices can help them see different views and make different decisions," says Lecky, who estimates the CSPF has the ability to reach out to millions of people all over the world in a matter of minutes via its email list, LinkedIn groups and association Facebook pages.

The CSPF is busily launching programs and events, including a Cybersecurity for Executives lecture series designed to raise security awareness. The group is also now working with its association members to develop a framework for dialog across security-related fields, including business continuity, emergency management, risk management, critical infrastructure protection, defense and intelligence.

Thanks to its fast start, the CSPF is now getting a lot of attention from security professionals in other countries who are interested in following suit. "I'm seeing other countries following our example or adopting a variation of what we're doing," says Lecky. Australia, for example, is working on creating a security alliance.

Work on the CSPF might seem burdensome for someone, even without the additional weight of another full-time position and without the prospect of greater fortune. "I don't like being bored," says Lecky. "The reward right now is a job well done. I'm furiously stubborn. If there's something I feel needs to be done, I will just go and do it."

Read more about security leadership in CSOonline's Security Leadership section.

Join the CSO newsletter!

Error: Please check your email address.

Tags Grant LeckyCompass AwardssecuritySecurity LeadershipCanadian Security Partners' ForumCSPFnonprofit

More about Facebook

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lauren Gibbons Paul

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts