150 likes | 362 Views
FELABAN – FIBA BANK SECURITY CONFERENCE. September 30 - OCTOBER 1, 2010 MIAMI, FL. The 21st Century CSO Economic Pressures Challenge Security to Add Value. Ray O’Hara CPP Executive Vice President Andrews International. Historical Programs/Focus.
E N D
FELABAN – FIBA BANK SECURITY CONFERENCE September 30 - OCTOBER 1, 2010 MIAMI, FL
The 21st Century CSOEconomic Pressures Challenge Security to Add Value Ray O’Hara CPP Executive Vice President Andrews International
Historical Programs/Focus • Physical Security(Gates, Guards & Guns) • Investigations • Classified Programs • Technology Security • * basically, a pure overhead function
People • Senior Management Resistance to Upward Progression • Public Agency Recruitment • Lack of Succession Planning • No Desire for Upward Progression and Lateral Development • Headcount Reductions/1st to let go • Siloed View
Going Forward…/ Evolution • Valued Member of the “total” Organization • Essential Leader in the Risk Management Function • Profit Enhancer (ROI) to the Company Bottom-line • Defined Roles & Skills • Leads & Influences the Future • Markets to Customers
Influencing Factors • Business Alignment & Integration • Public Awareness & Media Exposure • Improved Educational Credentials • Industry & Professional Associations • Industry Publications • Pro-Active Program Approach • Certifications
21st Century Organizations Convergence ! Not Consolidation
Key Concepts of Security Convergence • Both departments must capitalize on strengths to address the inherent challenges in the other group's business • Convergence needs to be slow and measured • IT security has technical expertise but not large numbers of staff. Physical security generally has the opposite. Both groups can benefit from each other! • Transformation from traditional physical asset to information based assets
Current State and Interdependencies Operating Levers FROM TO Risk Management Asset based view Passive and infrequent ‘Not my domain’ Functionally focused Forced Technical /Jargon filled or None Functionally defined Command and Control Functional knowledge Enterprise wide view Active Board involvement Common language with peers Common and shared widely Adaptive ‘C Suite’ language Multiple competencies Empowering and enabling Broad business understanding Governance Budget Processes Standards & Guidelines Integration Business Case Roles & Responsibilities Leadership Knowledge of the Business
Ten Trends and Priorities • Convergence Has Only Begun • Movement toward the "convergence" of physical and logical security will continue and become the norm rather than the beta test scenario • Big Brother Oversight • Government regulations will create additional costs and impact a wider spectrum of industry sectors as it pertains to security and personal information • The Promise and Peril of Social Networking • The sharing of customer data and sensitive company information via Twitter, Facebook and LinkedIn are the greatest threats we’ve ever seen to proprietary and confidential information • A New Corporate Commitment • More companies are hiring CSO’s or CISO’s. 85% of the respondents of an October 2009 CIO Survey said their companies now have a security executive, up from 56% last year and 43% in 2006 • Strategy Combined with Intelligent Metrics Will Always Win • Requirement for better reporting/metrics - driven by Executive, Board of Director and ESRM models will become the norm
Ten Trends and Priorities • Hardware Technology At The Speed of Sound • Increased deployment of intelligent end-devices (lower cost) cameras, readers etc. without the need for constant connectivity to the “home base”is here to stay and grow • Law Enforcement and Private Sector Exchange Strengthens • Ever-increasing need for better public private partnerships (two-way-equally shared info and resources) will require global partnerships; which have already proven successful • New Frontiers Are Getting Smaller • Emerging market presence as corporations move into new locales with partnerships and relationships are necessary to remain competitive/alive. These situations may not be completely stable, creating challenging information, physical and personnel security challenges to support business initiatives • Large Corporate Security Teams are Becoming Small Corporate Security Teams • The trend to outsource non-core business functions, including security will increase • Jumping into the Cloud • The thought of replacing server rooms, appliances, software/hardware and general IT services with “cloud services” is simply too hard for many companies to resist. But jumping into the cloud without a security strategy is a recipe for risk
Security Roles • Protect people, property & tangible assets from loss, destruction, theft, alteration, or unauthorized access Physical Security • Information security • Disaster/business continuity • Risk assessments • Security technology • Incident Response • Investigations • Enterprise risks • Secure digital assets • Inspection procedures • Independent controls assessment • Internal / external regulatory compliance • Risk management Financial
CEO’s Expectations of CSOTen Principles To Survive & Thrive On • Be a Strategic Leader • Speak the Language of the Business • Get Involved in the Business • Hire A+ Players • Act Global/Think Global • Be a Skilled Marketer of Security • Create an Environment that Unleashes Your Team to Excel • Re-Design to Survive • Work Out of Your Comfort Zone • Prepare for the Future
Evolve or…
Andrews InternationalContact Ray O'Hara, CPP Executive Vice President Consulting and Investigations, International Operations Direct: 760.518.0425 rohara@andrewsinternational.com