Security 500 conference     

 Don’t miss the networking event of the year for security executives!
Register today for the Security 500 Conference.

2012 Security 500 Leader Profiles

Jeff HaukJeff Hauk, Chief Security Officer & Emergency Response Coordinator

 

The Big Freeze

 

“It was the big freeze in 2011, actually,” says Jeff Hauk, Chief Security Officer and Emergency Response Coordinator for The El Paso Water Utilities (EPWU). “It sent shock waves across the city about water being available and the resilience of the city water utility against all threats, including weather. Pipes on private property burst and homes and businesses flooded. The freeze froze wells and damaged pump stations and our infrastructure. The electric utility required rolling blackouts, which contributed to equipment failures and challenges for the El Paso Water Utilities to continue providing service.”

Thus, Hauk was hired to create a comprehensive enterprise risk plan for security and emergency preparedness at EPWU. “Currently, the ‘security’ function is in its infancy stage of development. I was hired on in April of this year to formally develop a master security and emergency preparedness plan and exercise schedule that would lead the future growth and development of the department,” explains Hauk.

The El Paso Water Utilities serves more than 800,000 people in the El Paso region with a constant 15-percent annual growth and forecast of more than 1.5 million residents by 2060.

As a result, Hauk’s scope of work is quite broad. “My goal is to present and gain approval of the security risk and emergency preparedness master plan. It includes the strategic consolidation of multiple approaches to security into one global unit. Core to this plan is the infusion of a formal Risk Management Initiative, which establishes a risk and compliance culture for our organization.”

“Like the weather, water utilities are rather unique,” says Hauk. “Unlike the electrical utilities, the water utilities’ security and preparedness measures are not federally regulated, nor do they have mandatory program requirements and standards to achieve and maintain. In reference to security and emergency preparedness, the guidelines provided by the industry are voluntary. I find it to be somewhat ironic since we can all live without electricity, but we cannot live without water.” 

As a business leader in the organization, his main goal is to assist in providing uninterrupted service to EPWU customers, while maintaining the positive brand image of the organization. A utility must have clearly defined protective goals that will support, not impede, daily operations. “The challenge is to raise overall security and risk management without it becoming a barrier,” explains Hauk. Operationally, his initial focus has been the in depth evaluation of the facilities, planning and operations to assess the “as is” state of preparedness, primarily focusing on physical security and emergency response. Strategically, his focus is on program development, revising and creating policies and plans, maximizing current systems capabilities, planning for upgrades to technology and implementation of best industry practices and standards.

As a result, security’s business contribution is business efficiency and resilience.  “Our primary role is to help enable our business units and plants to operate effectively, efficiently, and without significant interruption. The key to our success is as a business partner, responding in a way that the business units can understand,” shares Hauk. “Ultimately, it is the uninterrupted services we provide customers that will create measurable value.”

Beyond weather, cyber security is an area of focus. “We are starting to address it on the SCADA side of operations. I am working closely with the IT and Instrumentation and Controls groups to implement best practices and policies, when it comes to security of the systems. EPWU is also fortunate because the University of Texas-El Paso is home to the Regional Cyber and Energy Security (RCES) center. We have expertise from the department of energy, private industry and academia, locally,” says Hauk.

Hauk has joined an organization with both significant need and expectations from the C-suite and community. “They have a high level of confidence and understanding in security’s value and ability to support business goals,” he says. “Our Board, President and Executives all understand that an industry leading ‘security’ program will help prepare for, and addresses, the overall operational risks our organization faces.”

“Every CEO should expect their security organization to deliver value and provide subject matter expertise. They should understand focusing resources on establishing an industry leading security risk management program that will provide an exponential return,” explains Hauk.

While he is facing big challenges and higher expectations, Hauk truly enjoys this opportunity. “The best part of my job is collaborating with others to reach mutually beneficial solutions that support protective and operational efficiencies, as well as being tasked with the responsibility of building an industry leading security risk program. Most of all I enjoy the responsibility of creating and maintaining a safe and secure environment for others to work,” he says.

Outside of work, Hauk enjoys spending as much quality time with his wife and three boys. In addition to traveling and outdoor activities, they are avid Michigan State University and Detroit Lions football fans.

 

Security Scorecard

•           Revenue/Budget: $276,042,000

•           Security Budget: $567,712

•           Critical Issues:

            - Cyber Security

            - Implementing New Technology and Best Practices

            -  Changing the Organizational Culture as it  Relates to Implementing an Enterprise Security Risk Management Program

 

Security Mission

•           Asset Protection/Loss Prevention

•           Brand/Product Protection

•           Business Continuity

•           Corporate Security

•           Cyber Security/IT Security

•           Disaster Recovery

•           Emergency Management/Crisis Management,

•           Intellectual Property

•           Investigations

•           Physical Security/Facilities

•           Risk Management

•           Workforce/Executive/Personnel Protection

Did you enjoy this article? Click here to subscribe to Security Magazine. 

You must login or register in order to post a comment.

Multimedia

Videos

Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.

Podcasts

Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

Security Magazine 2014 September cover

2014 October

Security takes a look at safety and preparedness for the harshest of weather phenomena in this October 2014 edition of the magazine. Also, we investigate supply chain security and the many benefits of PSIM. 

Table Of Contents Subscribe

Travel & the Ebola Risk

Are you and your enterprise restricting travel due to Ebola risks?
View Results Poll Archive

THE SECURITY STORE

comptiahighriseproductphoto
CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

STAY CONNECTED

Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.