When Cyber Meets Physical: Building Executive and Employee Protection Programs That Actually Work | A Redefining CyberSecurity Podcast Conversation with Roland Cloutier, Principal of The Business Protection Group
Most organizations treat security as a technology problem -- but when executives are threatened, employees are caught in disasters, or physical and cyber risks collide, the gaps in that thinking become dangerously clear. Roland Cloutier, Principal of The Business Protection Group and former Global Chief Security Officer at TikTok/ByteDance and ADP, joins Sean Martin to explore what it really means to build converged executive and employee protection programs that reflect the full scope of modern risk.
The ITSPmagazine Podcast · Sean Martin, ITSPmagazine Redefining Security, Roland Cloutier
Audio is streamed directly from the publisher (chtbl.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
⬥EPISODE NOTES⬥
The conversation that led to this episode started with a LinkedIn post -- and it quickly surfaced a challenge that security leaders across industries are wrestling with but rarely talk about openly: who is actually responsible for protecting the people inside an organization, not just the systems they use?
Roland Cloutier has sat in some of the most demanding security leadership seats in the world -- Global CSO at TikTok/ByteDance, a decade as Global CSO at ADP, and VP and CSO at EMC -- and he now advises CISOs and CSOs through The Business Protection Group. His lens is converged security: the deliberate integration of cyber, physical, privacy, and people-risk under a unified program and leadership model.
Roland identifies three patterns that typically bring organizations to him. First, an emergent crisis -- a threat against an executive, a workplace violence incident, a travel security failure -- that suddenly exposes the absence of a coherent protection program. Second, a cost and structure conversation where the CEO is tired of receiving two different risk pictures from two different security leaders and wants a single accountable voice. Third, a board-driven inquiry where general counsel or the CEO is being asked questions about executive resilience and duty of care that nobody inside the organization can confidently answer.
What makes this conversation particularly sharp is Roland's framing of convergence not as an org chart exercise, but as a force multiplier. A unified threat intelligence picture -- one that covers cyber, physical, executive, brand, and customer risk simultaneously -- enables cleaner prioritization, better resource allocation, and a fundamentally stronger conversation with the CEO. The alternative, which he has seen firsthand, is four separate threat management platforms reporting independently with no team working across all of them.
The episode also pushes into territory that most security programs have not yet mapped: employee protection at scale. Not bodyguards for everyone, but the organizational consciousness to monitor for geographic threats, proactively check in with distributed employees during major events, and build a duty-of-care posture that extends beyond the office walls into people's home lives and total risk environment. For high-risk employees -- those with keys to the kingdom, not just C-suite titles -- that responsibility extends further still.
For CISOs and CSOs wondering where to start, Roland offers a practical crawl-walk-run framework: start with shared services rather than full convergence, open the conversation with leadership, surface the gaps the business already knows exist, and build a financial and risk model that makes sense for your specific organization. The goal is a converged security program that treats people -- not just infrastructure -- as an asset worth protecting.
⬥GUEST⬥
Roland Cloutier, Principal at The Business Protection Group | On LinkedIn: https://www.linkedin.com/in/rolandcloutier/
⬥HOST⬥
Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/
⬥RESOURCES⬥
The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/
More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast
Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
⬥ADDITIONAL INFORMATION⬥
On ITSPmagazine: https://www.itspmagazine.com/
On YouTube: https://www.youtube.com/@itspmagazine
On LinkedIn Newsletter: https://itspm.ag/future-of-cybersecurity
Sean Martin's Contact Page: https://www.seanmartin.com/
⬥KEYWORDS⬥
roland cloutier, the business protection group, sean martin, executive protection, employee protection, converged security, physical security, ciso, cso, duty of care, threat intelligence, workplace violence, security convergence, business resilience, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.