Who We Are

We are an all-volunteer, member-driven organization of practitioners who are passionate about advancing risk management-based principles across Cyber, IT, and Physical security disciplines.

Our founders have had first-hand experience adopting risk-management principles during their careers. With that came a realization there is a pressing need for:

  • New thought leadership
  • More fearless approaches to address vital enterprise security risk topics

So with a vision of a future where risk principles are embraced across security disciplines, the Global Security Risk Management Alliance was born.

We drive awareness, adoption, and development of ESRM methods — across all industries where reducing risk to people and things, intellectual property and data, or operations and supply chains is a strategic priority to enable the business.

Our Mission

GSRMA strives to provide an emerging and collective global view of the management of all security risk. By recognizing the nuances and degree of risk that various threats pose to different organizations, the Alliance will analyze distinct threat landscapes, share perspective, and enhance the effectiveness of managing security at the appropriate level for the enterprise.

Our Vision

To create a forum for the advancement of security risk management through the organic and deliberate sharing and collaboration of thought leadership in security and business practices across the enterprise including cybersecurity, information security, and physical security.

Why We Care

There’s a paradigm shift afoot in the security profession. We’ve seen it coming. And we’re witnessing it happening across cyber and physical security. Why?

  • The global landscape is changing
  • Risks are evolving
  • Technology enables even more rapid transformation
  • Boards are taking interest

Progressive companies rely more on security leaders as key advisers on risk management in the enterprise across cyber and physical security disciplines.

So they’re demanding leaders who thoroughly know the business and industry in which they operate. This requires a new breed of security leader, with broader risk frameworks.

Created in 2015 by real-life security pioneers, we’ve been helping today’s practitioners embrace tomorrow’s ESRM concepts.

How We Help

From practitioners to the boardroom, GSRMA members provide expertise, insights, advocacy, benchmarking, and best practices to individuals and teams in business and government.

It’s all to empower leaders to advance ESRM principles in their professional lives and to provide a voice for ESRM champions on issues, solutions and frameworks. Here are some of the things we are known for and could be helpful to you.

Companies and Associations

Do you want to broaden the conversation about risk-based security principles? Organizations partner with us to bring the latest thinking to their teams and communities — from HR and Operations to Security, Safety, and Risk/Compliance, and more. Ways in which we have helped include:

  • Training sales forces on ESRM principles to up-level c-suite conversations
  • Research industry trends
  • Benchmark program effectiveness


Has mitigating enterprise risk become more of your Board’s concern?

We recognize the nuances of threats and degrees of risk appetite posed to different organizations So we help Boards consider ways to enhance the effectiveness of managing risk and security at the appropriate level for their organizations.

How we’ve helped others:

  • Inform Board members and executives of ESRM
  • Tie ESRM to your strategic goals and the Board’s direction and commitment
  • Recommend and roadmap ESRM to be embraced in your organization

Security Experts and Practitioners

Are you keen to find support to make ESRM more widely adopted?

GSRMA experts can help by supporting you directly and offering community groups and educational forums. Some examples include:

  • Benchmark program effectiveness
  • Roadmap ESRM to be adopted in your organization
  • Educate staff & related communities on ESRM principles and value