March 1, 2007
There was a time when chief security officers bought services such as alarm monitoring, contract officers, fraud investigations, product consultants and background checks routinely, like buying a carton of milk.
Now CSOs and security directors seek and hold onto services that partner with them for shared business success. In addition, a new group of services works with CSOs in terms of education, leadership and business skills.
Lynn Mattice knows and pushes the service changes.
One of his “prescriptions” these days is matrix management in the context of security.
Mattice, vice president and chief security officer for powerful Boston Scientific, a worldwide developer, manufacturer and marketer of medical devices whose products are used in a broad range of interventional medical specialties, is as focused on organizational silos as some of his fellow employees are focused on medical stents. And he has helped influence his own profession thanks to his involvement with a unique service organization – the CSO Executive Council. That group is pioneering as it explains and encourages a business leadership attitude among security management executives at the top U.S. and international enterprises.
NEW WORLD FORMINGMattice sees a new world forming. “Silo forms of management rarely work and, in most cases where they have been built, the CSO ultimately is replaced with a more progressive executive to lead the function,” said the executive. “The most effective security programs drive accountability and responsibility at all levels within the organization.”
Such views of emerging security leaders have helped the CSO Executive Council elbow its way quickly among longer-existing service organizations such as ASIS International and the International Security Management Association. It’s also impacted such service sectors as consultants, specifying engineers and even systems integrators, who more often keep their eye on the purchase, installation and maintenance of security products and systems and not the organizational evolution of their clients.
According to Robert Hayes, CSO Executive Council managing director, the Council is an international professional membership organization for leading senior security executives spanning all industries, both the public and private sectors, and the globe. “Our members seek innovative issue solutions and documentation of model core security programs. The Council uses professional staff and a distinguished faculty of former CSOs and content experts to develop, based on member requirements, strategic services and products for the entire membership. Unlike typical peer-to-peer organizations, we don’t depend on member volunteers; members are involved in projects to the extent they desire to. Our vision is to deliver cost effective solutions to our members that are unavailable from any other source,” observed Hayes.
Boston Scientific’s Mattice holds membership card number one.
BREAKING DOWN BARRIERS“No other organization has so effectively broken down the barriers to developing understandings between the corporate and IT security worlds as well as developing real partnerships and collaboration between the public and private sector,” added Mattice. Such new-age services resonate with many high-ranking security executives.
Anton Bommersbach, senior manager of global security with the Wm. Wrigley Jr. Co., said, “It not only brings together proven experts within our industry, but it is supported by a team of researchers and project managers tasked with developing and delivering time-tested programs, all while keeping a watchful eye on the horizon preparing us for what lies ahead.”
Emerging security services also reflect advances including convergence.
“The Council provides a trend of convergence between the CSO and CISO, leveraged together to get results. What a concept: seeing innovative and repeatable finished products, which we can use in the real world,” commented Scott Day, the chief information security officer at Cargill, Inc.
Other service sectors are catching the leadership bug, too.
Contract officer services, investigative and background screening firms, consultants, alarm monitoring services – commonality today means they want to help the CSO as a business leader.
Added Mattice, “First and foremost, an effective CSO must have a solid foundation and understanding of business. The CSO must also be an effective leader, and motivator of people; the ability to communicate with all levels and influence outcomes is absolutely vital.
“The CSO must be able to provide comprehensive business intelligence on risks and trends on the horizon around the world that can affect the business and then be able to assist in transforming risk mitigation into actionable plans to ensure continuity and resiliency of business operations. Having a good grasp on technology, the systems and the issues surrounding the development, transmittal, storage and reliability of intellectual capital is of utmost importance in today’s world; and the having a solid understanding of investigative processes and physical security safeguards ensures that a holistic approach is taken across the company to implement a well rounded and proactive security program that effectively manages risks in the business enterprise,” said the Boston Scientific CSO.
If the CSO Executive Council is the new face of security services, contract guarding companies have – at least at the top level of top enterprises – experienced their own “extreme makeover.”
OFFICER SERVICES SPECIALIZEFor example, AlliedBarton Security Services brought in Glenn Rosenberg as vice president for the firm’s specialized service offerings in the higher education sector. Targeting security officers to specific businesses is an approach that Ben Gollotti of Drexel University appreciates.
Gollotti, senior associate vice president for public safety at Drexel, said that the key to finding the right security service is “building a relationship with the contractor. With an officer force, I don’t just want a warm body. I want my contract security service to live and breathe Drexel. The patch on our officers’ uniforms is Drexel. I want additional training programs and a management program” geared to his environment.
Gollotti also got a high level person at his service who knows his business.
Rosenberg has worked in higher education for more than 30 years as a senior university administrator, management consultant and business developer. “Glenn’s background and expertise in both higher education and sales makes him the ideal leader to grow our specialized service offering in the higher education market,” Bill Whitmore, CEO, AlliedBarton Security Services, told Security Magazine.
Service firms also now work with security organizations to better understand specific business needs as well as work together to improve the level of professionalism. Rosenberg, for instance, is proud of his partnership with the International Association of Campus Law Enforcement Administrators or IACLEA in such areas as corporate resources, regulations and best practices.
Drexel’s Ben Gollotti gets more from his service provider, too. His operation is one of the leaders of technology with security video, access control, emergency call boxes, while looking at handheld devices for officers and facial recognition. But he knows technology is only part of a solution. “Security needs that personal touch” to succeed.
DIVERSE SERVICES INTEGRATEOther enterprises have gone a step or two beyond by combining contracted security officers with high tech gear operated, sometimes off-site, by the service itself. A case in point: HR Exponent Data Center in Addison, Texas relies on SGI Protective Services to deliver a converged suite of security services. SGI, a SYSTEMSgroup company, provides HR Exponent with security officers during business hours, and IP video monitoring and security patrol response after business hours.
HR Exponent maximizes its security budget by using security officers during business hours and video response after hours, all from one source. “The return on investment achieved by (such an arrangement) reduces guard staffing costs and improves tenant satisfaction,” said Martin Cramer, CPP, of SGI Protective Services.
Building management services also are diversifying into other sophisticated security for their enterprise tenants.
Visitor management is one growth area.
Lobby security is a complex effort. Security Magazine readers in a past report were told then by William Wipprecht, CPP, senior vice president, CSO at Wells Fargo Company, that his headquarters is comprised of three adjoining buildings which share a common lobby and basement. It is bordered by three major streets and a working alley.
Many facility management services share Wipprecht’s challenge.
And many of them are adding higher level visitor management services that, at times, integrate into security as a tenant service.
New upgrades to visitor management software now can scan licenses, passports and business cards automatically while printing out professional looking, customized badges by visitor type. For example, new software from EasyLobby also offers enterprise-class, central administration by a building service firm as well as multiple, programmable security alerts on screen and via e-mail/SMS, including “watch list” with automated online denied party and sex offender screening. There’s even a kiosk mode for self-registration.
BACKGROUND SCREENING GETS COMPLEXAnother specialized service that’s grown is background screening. Decades ago, security directors, coming from law enforcement, would conduct their own background investigations. No more. Regulations, increased liability and the need for more sophisticated screening goals have shifted the work to specialized outside services.
At government, industrial and business organizations, for example, firms like ChoicePoint provide decision-making technology and information that help reduce fraud and mitigate risk. Through the identification, retrieval, storage, analysis and delivery of data, such services serve growingly more complex informational and security needs.
Still another screening model from firms such as HireRight and IntelliSense (Intelius) centers on job candidate screening for human resource directors, CSOs and corporate legal counsels.
SIDEBAR: Five Tips for International Background ScreeningLooking at taking a corporate screening program global? Here are some items to meet strategic goals, according to Traci Canning, director of international operations, HireRight.
1 Understand the Regulations
Each country has its own laws and processes to govern what information can be legally obtained, how it can be transmitted and what information is required to complete a particular check. Even in countries where criminal history checking is done for pre-employment, the ways in which records are stored can vary widely.
2 Get Familiar with the Culture
Laws governing employment screening are just as important as language, culture and political environment.
3 Be Consistent
It’s worth every effort to maintain consistent screening procedures wherever possible. This will help establish tighter controls for a program that is more clearly understood and embraced around the world.
4 Take Advantage of Screening Technology
The demands of international verifications may be complex, but the challenges are not insurmountable – or cost-prohibitive – when leveraging technology in the screening and review processes. Many international screening resources, including in-country research experts and databases, can be accessed via the Internet, through a sophisticated screening provider.
5 Leverage the Local Experts
Technology also enables one of the most important components of international screening – a platform that can facilitate a worldwide network of in-country experts.
SIDEBAR: Consultants Branch Out Their ServicesIf anyone knows how consultant services work and succeed, it’s Charles Sennewald, honored by Security Magazine as one of the 25 Most Influential security executives. In the latest edition of his book, Security Consulting, he updates and expands on forensic consulting, the need for professional growth and the use of technology in consulting, including connecting with CSOs and security directors on-line. New information on insurance and liability adds to consultants’ helpful services.
“The growth of security management consulting as a profession parallels that of the entire industry of protection in the private sector, whose products and services have dramatically expanded in the last two decades. The increasing demand for consulting services comes as no surprise with the heightened need for security following 9/11, along with all the corporate down-sizing, out-sourcing and technological advances,” commented Sennewald.