Chief Linda Stump, University of Florida Education
It's a Community Mindset!
Hurricane Gustav has just missed to the left. Hurricane Hannah is about to miss to the right. Game Day is here and the Miami Hurricanes are about to hit head on.
It’s a Friday
afternoon, and the University of Florida is about to welcome the Miami football
team plus over 90,000 guests, fans, alumni and students to “The Swamp” for a
nationally televised game on ESPN. While providing security for a celebrity
coach, a Heisman Trophy-winning quarterback and the “The Gator Nation’s” 2,000
acre-plus campus may seem overwhelming, Chief Linda Stump (who has just briefed
UF’s Board of Trustees on game preparations) and her team have matters well in
hand.
“The greater the
buy-in by the administration, the students, the fans and the community at large
about appropriate and acceptable behavior, the greater the team mentality and
the fewer the security problems,” says Linda.
Coordinating with the FBI, local police, state police, the U.S. Marshall’s
and Secret Service combined with flawless execution delivered The Gators a safe
and secure 26-3 win. “With three national championships in recent years, I
wouldn’t say it is easy, but the problems become predictable and identifiable
and we are able to address them,” continues Linda. “We are fortunate to have great fans here at
UF and overall, they know what behavior is expected of them, and that makes our
job just a little bit easier”.
The has 16 colleges educating nearly
50,000 students and is one of the five largest universities in the nation. The
main campus has over 900 buildings, including a major research hospital with
trauma center as well as a historic district listed on the National Register of
Historic Places. Security is designed to be part of the community. “We
recognize the importance of each piece and give each piece equal value,”
explains Linda. The security program focuses on prevention through
environmental design, target hardening, appropriate and fast response and
educational programs.
“One great aspect of
our program is being part of an educational institution and playing a part in
the education of students, faculty, staff and the public. We work to create
awareness through teaching programs, enforcing rules and regulations and
providing appropriate information to our judicial affairs process. I get to go
to class and teach, to be a part of the process and to make the University the
best that it can be,” says Linda. Our community services division delivers over
700 educational programs each year. They create new programs as needed and will
visit off-campus apartments and provide a risk assessments and safety
information.
Linda’s unique view is powerful. She knows the best way for
success is to partner with the students who have a vested interest in their own
future. They will be at the University for a relatively short four years, and
their focus and goals are long term. “We have a responsibility to represent the
institution proudly as an ambassador and as both police and security officers.
The more you project customer service, the better off you will be when it comes
to delivering security. We teach and encourage their responsibility for the
greater good of the community. We get buy-in when they take ownership. That
makes security everyone’s role. We consider the students, staff, faculty, and
visitors, all stakeholders as part of our team to help assess a threat and
communicate that to us. Internally, we have a well established assessment team,
collaborating with student services and the department of human resources to
analyze workplace violence threats or any other type of abnormal behavior
presented to us. The earlier we can
recognize the threat and take action, the safer the situation.
“And the experience
the undergraduates have sets an expectation of service. For example, when they
return as alumni, they expect the same high levels of service from security
that they experienced when they attended.”
One example is the
SNAP escort program to meet and escort any campus visitor who is concerned
about their safety.
is unique because most of the funding for SNAP comes from student government,
and the students have a significant voice in how their fees are spent. SNAP is
well funded, pointing to its visibility and value. During the past year, over
58,900 individuals were escorted via the SNAP program.
Using a holistic
strategy of community participation and behavior modification, the campus
safety program is getting greater cooperation from all stakeholders and
increasing visibility about security and safety goals. “If you are in our
territory and not participating in security programs (such as using ID cards)
for your own benefit, then you are not part of the ‘society,’” explains Linda,
“Making this ‘your’ home and joining ‘Gator Nation’ with specific behavioral
expectations and rules has been very successful. Behavior changes for the
positive.”
They also partner
with local, state and federal law enforcement. “You cannot do it by yourself.
You need to collaborate and create the big picture. We consider the area ‘our
home’ and share information. All of our crime analysts are connected. We
communicate and trade information so we know what is happening on their
boundaries,” says Linda. For example, Florida relies on good crime analysis
information and on the LINX System (Law
Enforcement Information Exchange-to develop a regional law enforcement plan
detailing areas of concern and how to leverage information sharing for the
desired impact) to increase knowledge and improve security.
Leading the
security initiative is not without its challenges, and Linda explains three of
hers. First,
is a big, public institution and has
an open environment accessible by design to the public. Plus, UF has extensions and facilities across the state.
Providing security constantly and consistently in such an open and fluid
environment is always challenging. “We are fortunate to have a supportive
administration and athletic association, both of which understand our role and
provide us the resources we need. Second, the post-Virginia Tech environment
has created new expectations for both security prevention and response, but
also for communications. Today’s students have grown up with instant
gratification and expect accurate and immediate information. We are constantly
testing the best ways to communicate and what to communicate. What do you
convey through the emergency system and how do you decide what information to
send out? Too many messages about minor or ultimately non-events might cause
complacency,” explains Linda.
And third, it is
hurricane season. And while
has withstood Gustav, Hannah and the Miami Hurricanes, more are on their way.
“We need to identify and find the right emergency communication system and
layered approach to messaging,” says Linda.
Florida benchmarks with other leading institutions including ,
“We are always looking for new ideas,
new solutions in strategy, best practices, technology and systems. We work to
avoid complacency. It is easy to spend money in certain ways year to year and
not critically review that spending. We review situational risk, identify the
best ways for mitigation and plan ahead to make sure we are funding the most
effective programs and maximizing our value to the University,” says Linda.
Sometimes it’s an
evolution, not a revolution. For example, as students have migrated from paper
to electronic communications, the University of Florida Police Department has
migrated its safety brochures to electronic delivery, meeting both the school's
sustainability goals and the need to communicate effectively with the students.
Linda became the
first female Police Chief at a State of
public university when she joined UFPD in July 2003. A native of , Linda
holds a bachelor's degree in Criminal Justice and Corrections from , a Master's Degree in Higher Education
Administration from
“I am very lucky to
have a great place to work and live and to touch so many people’s lives in a
positive way. And the environment here is the best. It allows me to be outside
all year long. I love kayaking and biking, and is a wonderful place for an
active outdoor lifestyle. I also enjoy working at a University with such a
strong sports program and being a fan,” says Linda.
John Petruzzi, VP Corporate Security & Emergency Management, Simon Property Group
Property ManagementWhere Security is an Integral Part of the Business Decision!
Simon Property Group is the largest public U.S. real estate company and John Petruzzi sits at the wide and deep crossroads of public/private relationships to provide security and emergency management for over $60 billion in infrastructure including shopping malls, regional malls, Premium Outlet Centers, The Mills, community/lifestyle centers and international properties. Simon currently owns or has an interest in 383 properties comprising 261 million square feet. At the time John spoke with us, he was busily securing properties from Hurricane Gustav, which had reached New Orleans, and preparing for Hannah and Ike, which were approaching the continental, U.S.
“Our properties are a microcosm of the communities in which we operate,” shares John. “Our security planning can be radically different between like facilities; this all depends upon the market threats and risks. Simply put we remain focused on managing the specific risk of each location.”
Security is one of firm's leading operational expenses and there are few organizational boundaries in a company whose environment is led by an entrepreneurial spirit. “We drive ownership for safety and security to every employee in the company. Better education will result in fewer incidents,” says John. Security is a major topic at their annual management meeting which brings over 1,500 managers together. Many senior executives discuss safety and security as “core values” throughout their presentations.
There is a wide spectrum to consider when it comes to security’s “customers.” a list that includes but is not limited to retail tenants, employees, shoppers, office tenants and visitors. “A major focus in upcoming months is to better educate our customers, this is going to be a concerted public/private effort to help reduce personal risk by increasing the customers situational awareness,” says John.
The preparedness and sophistication among criminals is increasing as the advent of organized retail crime shows. This directly impacts retail tenants and indirectly impacts real estate firms. The security team at Simon has been proactively working with the National Retail Federation and the International Council of Shopping Centers, in an effort to thwart organized crime through coordinated training program and tighter public private partnerships.
Simon’s public/private partnership includes frequent local, state, regional and national meetings to continually improve communications and execution. “Our programs are based on observation and reporting,” shares John, “So this input and collaboration is a critical success factor for us.” Emergency Management requires effective planning to assess risk, create continuity programs, plan for closures (in New Orleans during Gustav, for example) and then plan for resumption of business. The logistics, staging and execution must be seamless.
Simon has created numerous templates to manage emergency events, this allows for repeatable operations from market-to-market and facility-to-facility. “We have exercises from table tops to full field level with police, vendors, OEMs and others to test and ensure compliance. Emergency management is major factor in determining our success and the respective success of our tenants.”
Simon’s sheer size and market penetration enables them to track crime, collect data and respond to that information. When it is all summarized, security is still a cost that needs to be justified and they are very focused on solid business metrics.
“Whether it is green mobility devices that stabilize cost and increase the effectiveness of security or our need to go outside the security space to find solutions,” says John, “we are focused on measuring and maximizing our value to the business. A large portion of our investment is on the human side, we have a substantial spend on contract security, and we manage this with solid business metrics. From a technology perspective we work to prove the long-term economics of all strategies prior to submitting for approval.”
As an example, Simon Property Group recently implemented an integrated enterprise security system to communicate with officers; the system has enabled Simon to remain stable on labor costs while increasing officer efficiency and productivity. The result is utilizing technology to enhance physical presence. “We have a massive infrastructure and this system is improving our ability to gather intelligence and meet the most current threats,” says John.
John has over 18 years experience in both the public and private sector. For the last 10 years he has held leadership positions with direct responsibility for managing the physical and information security programs in the three distinct business verticals; Deutsche Bank, Constellation Energy and Simon Property Group.
“The security industry’s biggest challenge,” says John, “is to move our profession to the next level. The security profession has come a long way and we need to continue working to mature the role.” He takes this responsibility personally as John is an active volunteer leader with three industry leading security organizations; ASIS International where he is an Advisory Board Member for the CSO Roundtable and has recently been appointed to the Board of Directors, along with actively participating in ISACA and ISMA meetings and events. Additionally he is a key contributor and presenter for AESRM - Alliance for Enterprise Security Risk Management. John actively participates with the Department of Homeland Security’s Commercial Facilities Sector.
Dave Homolka, Director, Corporate Asset Protection, Cabela’s
Retail
It’s All About the Culture!
To understand David Homolka and Cabela’s successful security organization, you have to first understand this multi-channel retailer’s unique culture and dynamic business model. For avid outdoorsmen (and women) there is no substitute for the high touch and open retail shopping experience and environment Cabela’s “ World’s Foremost Outfitter” offers. It is Cabela’s famous Outfitters (sales personnel) who live the Cabela’s lifestyle, are experts in their field and create the company’s spirit for great service that attracts customers. Cabela’s is as much a destination as it is a store with the average customer visit lasting over three hours.
“Cabela’s has a real family feel to it,” shares Dave Homolka,
“And what makes our stores inviting also makes them susceptible to shrink.”
At the same time,
Cabela’s is a dynamic company with $2.3 billion in annual sales and is evolving
from being a catalog/retailer to a multi-channel retailer and from a family run
to a publicly traded corporation. Today, Cabela’s has 29 stores, three
distribution centers and five customer relations call centers. Cabela’s wholly owned bank manages their
very popular Cabela’s Club Card with over one million members.
The very strengths
that make Cabela’s uniquely successful were a challenge to asset protection
programs for physical and logical security expertise and execution.
It would have been only human for Dave Homolka to approach his new
role as Director of Corporate Asset Protection with a command and control
mentality. Rather, Dave did not attempt to change Cabela’s culture but aligned
with its unique culture to get results.
Dave focused his
team on core opportunities:
- The employee’s strong sense of ownership who take ownership of the business personally
- Teaching security to senior management
- Implementing new technology to increase awareness and understanding
- Focusing on the “Good Customer” first in all discussions
Cabela’s Outfitters care about their customers and the merchandise they recommend and sell. They pride themselves on their expertise and have a very protective attitude about Cabela’s brand and reputation. Through training and education at stores and distribution centers, policy shifts were presented in “the right way” and well received by employees. By pointing out that these changes were not an issue for the “Good Customer,” Outfitters and management have been highly supportive.
At the executive
level, Dave worked to educate senior management on the reality of where shrink
occurred by using facts and statistics to create an understanding of the
problem and the opportunity to reduce loss.
Through this process
and the discussion of the “Good Customer,” the status quo was challenged and
discussions around employee theft and a liberal return policy were welcomed.
For example, the return policy was changed due to non-customers taking
advantage through fraud or abuse.
The introduction of
video and surveillance, card access, loss prevention systems, audit and strong
PCI adherence has also increased access to metrics and the ability to show real
results to both store level personnel and corporate management.
Shrinkage has been
reduced in a very challenging environment and is below the industry norm. By
focusing on employee awareness, internal and external investigative efforts,
Cabela’s Corporate Asset Protection Team has found its stride.
Dave focuses
directly on his responsibility to the leaders, employees and shareholders to
make a real tangible difference and ensure that the return on investment is
measurable. He sees his role as, “All about driving progress and change through
people, primarily at a distance. Ultimately we are really working to exceed
expectations and it is this vision that keeps me up at night thinking about
enhancements that can make it a reality.”
Dave’s experience as a human resources executive helped him
understand how to best drive change and execution through his team.. By
defining performance as “behavior plus results,” he was able to educate and get
buy in and do so in a way that aligned with the company culture. Prior to
joining Cabela’s in 2004, Dave worked for ShopKo Stores where he held executive
leadership positions in store operations, human resources and loss prevention.
Dave lives in with his wife and two daughters.
True to the Cabela’s culture, he and his family enjoy the outdoors, especially
fishing and camping.
Timothy J. Rigg, Director, Corporate Security, Progress Energy
Utility
Changing Roles:
The Traditionalist and Futurist Security Leader!
As Tim Rigg begins our discussion, he is at the Progress Energy office calculating the impact of Gustav that has just passed through and is assessing Hannah, Ike and Josephine as they approach the
“Our investments since Katrina have paid off,” says Tim. “The
systems and processes that were put in place worked well and this was a tremendous
test. Since 9/11 and Katrina, the concept of critical infrastructure and the
new spectrum of threats and security programs to mitigate those threats changed
dramatically.
Tim has a clear
vision of the changing role of the security executive and has done an
exceptional job of understanding and managing security. “There is the
traditional security role which includes employee safety, workplace violence
prevention, securing assets from theft as a utility or company to protect the
core business. Copper wire theft is one example, our field employees being
attacked by angry customers is another.
“Utilities are part of the community and we interact with them in
many ways. As a service company we must provide security on our properties for
our employees, customers, visitors and assets,” says Tim. “In addition to our
security programs, we use education and training to create awareness and
provide a safe and secure environment.
“And there is the post 9/11futurist security role to protect
critical infrastructure against terror, well coordinated attacks and large
scale events that would change the landscape forever in terms of life and
freedoms. This mix of roles and possibilities keeps me up at night. It is key
that complacency does not set back in to security programs.”
Tim is responsible for the administration of the Corporate
Security function at Progress Energy including investigations, physical and
electronic security, business continuity, crisis management, pre-employment
background investigations, drug and alcohol testing, workplace violence
prevention and response, and executive protection. He has been with Progress Energy since 2001.
Progress Energy is
headquartered in and is a Fortune 250 energy
company with more than 21,000 megawatts of generation capacity and $9 billion
in annual revenues. The company will observe its 100th anniversary in 2008.
Progress Energy includes two major utilities that serve more than 3.1 million
customers in the Carolinas and .
Tim’s responsibilities
are broad including disaster recovery, emergency management and regulatory
compliance. Security is required to navigate through the increasing volume of
security related regulations including MTSA, CFATS, NERC CIP and others. “At a
minimum, we have to evaluate a regulation’s applicability and then create a
compliance effort if indicated. For example, the Chemical Facility Anti-terror
Standards may or may not have applied to us, but it is our responsibility to
determine this and take action,” states Tim. “We also plan for the unforeseen
including emergencies involving employees during international and domestic
travel. Disaster recovery and emergency management is also core to our role. In
many situations, we take the lead in planning and preparing for emergency
response. Which we have been doing here as a result of Gustav this past week.”
Tim is
active in the utility and security industry as well. “I think there are
exciting challenges in this dynamic profession. Keeping up with the change, becoming
an enterprise-wide, high value part of the company, setting strategy for
security as well as business continuity and emergency management. The
operational challenge is having the ability to effectively evaluate and monitor
risks on a continuous basis. The executive challenge is to show how security
fits into the business and present yourself as a prudent leader in the
company.”
Progress Energy’s
security department measures value through benchmarking with other like
utilities against industry guidelines. They ensure regulatory compliance and
site examples where security transcends the business. “Our CCTV system is
utilized for an operational view of critical equipment or gauges without having
to physically go to a facility.”
Tim appreciates the
value he gains by participating on the Edison Electric Institute’s Security
Committee, which addresses impactful issues facing security leaders at
utilities. “We discuss best practices, concerns and core issues. I find the
exchange of information to be very helpful,” says Tim. He also knows that the
learning process never stops for security professionals.
Tim received his
Baccalaureate Degree from
in 1991 and
his Masters Degree in Business Administration from Rigg Argosy University Sarasota in 2003. He has also graduated from the
Executive Security Leadership program at
and Corporate Leadership
programs at both North
Carolina Chapel Hill.
He is Board Certified
in Security Management, a Certified Protection Professional. He is a member of
the International Security Management Association, ASIS International, and
represents the interests of Progress Energy on the Edison Electric Institute
Security Committee and the North American Electric Reliability Council Critical
Infrastructure Protection Committee.
“I love my job.
There is something new to do everyday. It is evolving and changing daily with a
high degree of accountability,” shares Tim, as he turns his attention back to
The Weather Channel and the current security emergency.
Bob Moraca CPP, CFE, Director of Security and Business Continuity, Sunoco Inc
Energy
Thinking like a Wolf to Protect the Sheep!
From protecting critical infrastructure at the world’s largest refineries to preventing shoplifting at the most rural Sunoco A-Plus Stores to creating TWIC credentials for over 5,000 employees, Sunoco’s Corporate Security mission and program, led by Bob Moraca, is challenging and exciting, 365/24/7.
As Bob and I sit
down to meet he is preparing to meet with Sunoco’s new CEO, and introduce her
to Sunoco security. “I know and am well prepared to start all over again. Who I
am. What security does. How do we create value for the business units?” shares
Bob. “We are organized to support and provide security for our “customers” and measure
the value we contribute.”
Sunoco is a complex
organization with five business units and annual revenue near $45 billion.
Headquartered in ,
Sunoco’s five business units include:
- Refining and Marketing Petroleum and Petrochemicals
- Retail and Marketing at over 4,700 sites including over 650 A-plus stores
- Pipelines (Over 5,500 miles) and 38 Product Terminals
- Chemical Plants manufacturing intermediates for fibers, plastics, film and resins
- Cokemaking Facilities in the using Sunoco’s patented technology
“We recognize each business unit as a unique customer and also identify the constituents within those business units as our customers including employees, consumers, visitors, our executive team and the public in general,” says Bob. “We had a great opportunity two years ago when Sunoco moved its corporate headquarters into a new building.” Security was able to leverage new technologies, implement new systems, develop an emergency video and issue Personal Evacuation Kits that include mask, water and flashlight as part of their emergency management training education.
At their refineries, chemical and coke plants, security has
created a matrix that works well. Corporate security sets the standards and
policies with a dotted line to each facility. Local security professionals
report to facilities management enabling a more productive and integrated
relationship with the business units; it is a true team effort.
Bob also works closely with government authorities and joint-terrorism
task forces including the local Infragard chapter. As a major energy company,
Sunoco is beholden to many government regulatory policies as well as
non-government programs. “Before 9/11 we were well down the road with the
American Chemical Council’s Responsible Care Program conducting risk
assessment, auditing our programs and providing a voluntary layer of security.
Enter DHS and regs such as the Maritime Transportation Security Act requiring,
‘sites adjacent to a navigable waterway’ to be regulated which impacted
thirteen Sunoco facilities. Parts of the regulation mirrored the American
Chemical Council program but raised the question, Do these new regulations make
us more secure or just cost us more money?
Bob took the
initiative to work within his industry and directly with government
organizations to educate government and affect the outcome. “Partnering with
the government to make regulatory policy practical is the right way to go,”
says Bob.
”It’s been a good
relationship between the American Chemistry Council, Sunoco and the
government.”
For example, during Hurricane Gustav, DHS and FEMA provided daily
briefings to Energy Critical Infrastructure member companies and held Q&A
sessions. “This was a great benefit for Sunoco to have their eyes and ears
share information with us each day,” says Bob. “Another example of cooperation
was during Hurricane Rita in .
The Public Safety Commission created a ‘letter of passage’ that enabled our
company representatives to get to critical infrastructure without being held up
by local authorities or other red tape.
“My team and I are
the law enforcement liaison for Sunoco with DHS and other entities. It is my
responsibility to have these networks in hand, know the people, build
relationships and be prepared well before emergency response is indicated,”
states Bob.
Another example is
the Transportation Worker Identification Card (TWIC), which impacts over 5,000
Sunoco employees. Working closely with DHS, the TWIC center was moved onto
Sunoco premises speeding the process.
At the heart of Sunoco’s security program is its
and Central Monitoring Facility. “After 9/11 we moved the center from our
high-rise office tower to a secure remote location. That was one of the lessons
learned from 9/11 when both EOCs were destroyed. Sunoco’s EOC includes a retail
intervention system featuring electronic first responders who can observe in
store activity and intervene. Over 10,000 retail employees are trained on the
systems and the use of remote panic pendants. The electronic first responder
system enables corporate security “Intervention Specialists” to come on over
the audio system and announce their presence. This has been a huge deterrent to
criminal and negative behavior.
The intervention
system has had direct business value, too. Regional managers typically
supervise and visit ten stores. Using the video system, they are able to visit
stores remotely which has contributed both bottom line cost savings and
increased productivity. The system also views shopper behavior and was used for
a study to improve ergonomics and increase point of sale revenue at a fraction
of the cost of an onsite study.
Security also
secures employees during overseas travel, especially near their coke
plants where crime risks may be elevated. Sunoco’s contract with
ControlledRisk24 who provides current information to traveling employees and
enables them to get emergency assistance. Bob also relies on educational
programs at all levels to increase awareness about protecting personal safety,
corporate facilities, intellectual property and other at risk assets.
Bob started in law enforcement and earned his MBA after which he
joined the private sector. He joined Sunoco twenty years ago and loves his job.
“Everyday is different. I don’t know what will happen next. The challenge is a
rush and I love doing this 24/7,” says Bob. He is the Chair of Sunoco’s
Workplace Violence Committee and represents Sunoco as the Chairman for the
local Citizens Crime Commission.
Among Bob’s concerns are industrial espionage firms that are now
calling themselves competitive intelligence organizations. “Since they are
reaching out to us, I assume they are contacting our competitors,” says Bob.
“And this opens a whole new set of issues. If we hold a meeting at a hotel and
the meeting room is bugged, is that illegal? It’s high-tech dumpster diving and
we need to protect against it.”
Sunoco security’s
greatest challenge is that each of the five business units has diverse and unique
security requirements. He needs to manage each while seeking economies of
scale. “There is an old saying that in order to protect the sheep, you need to
think like a wolf,” says Bob. “That is still true today. We ask ourselves what
would the criminals, terrorists, disloyal employee, etc., do? We identify risk
and prioritize what to protect. We build the onion skin around those at risk
areas and secure them.”
Lori Hennon-Bell, Vice President, CSO, Prudential
Financial
The Great Balancing Act: Preemption, Response, Business Continuity and Crisis Management
For a person who has a world-class track record having made a difference in the state of , Lori Hennon-Bell is well suited as Prudential’s Global CSO. Since she joined Prudential in August 2005, the only constant in Prudential’s security program has been change for the better.
“The first
initiative was to change security’s focus toward preemption. While we continue
to have excellent response capabilities, our goal is to assess risk and then
proactively mitigate it,” says Lori. There are many pieces to Prudential’s
strategy to make this vision a reality and Lori and her team are putting the
pieces together and achieving their goals. Complexity recently was added to the
program when disaster recovery and an extensive revision of the crisis
management program were added to Lori’s role.
While the security team’s big picture changed to get out in front
of risk and prevent events from happening altogether, Lori implemented numerous
other programs to complement the preemption strategy.
“We support vendor
due diligence and we provide background investigations. We have programs to
prevent violence in the workplace. Prudential corporate security also acts as a
consultant to the field offices that are operated outside of our company. They
use our procedures and guidelines to ensure proper levels of security are
maintained enterprise wide. And we have total responsibility for Prudential
owned worldwide properties as well as our home office employees.” says Lori.
Lori considers all
the associates at Prudential among her “customers” including the executive
team, investors and the public at large. “We work to create an environment for
someone to either invest in Prudential or become a client by reducing risk and
ensuring security,” explains Lori.
Most of Prudential’s
security resources are focused in .
However, the company’s first
international regional security director was hired in December 2006 in . “Adding
this position taught us a lot about operating security in an international
locale. We learned about the regional culture through a person familiar with
it, and that was powerful for us. In an environment where either higher risk or
lesser security is normal and tolerated, we were able to understand that
culture and work with it to reach our security policy goals,” says Lori.
Her background in the New Jersey State Police as a Lieutenant Colonel
in the Homeland Security Branch exposed Lori to complex matrices and politics.
“What is important is knowing how to get things done. You learn that in a large
organization like the state and that enabled me to manage well in my new role
and environment,” says Lori. “Prudential is a great place to work and there is
strong support for security’s role to protect the organization and its
stakeholders.”
Managing global
security at Prudential has its challenges and Lori will be the first to share
that the work is never done and the threats are never gone. Changing security’s
vision toward preemption required constant risk/threat assessments and global
analysis. Lori and her team constantly ask, “Does this information have any
impact on Prudential’s associates and stakeholders?” They have balanced their
security resources to support and ensure business operations and be certain the
mitigation programs are working.
A core part of the new effort’s success is collaboration with
peer departments including IT and facilities, for example, and initiating
public/private partnerships within
where they are headquartered and with expansion plans in other locations where
they do business. “We have a technology team in security that works with a team
in IT that is dedicated to corporate security to bring corporate security’s
objectives together with the Prudential platform,” says Lori.
The goal of their
investment and strategy is to push danger out to the farthest perimeter and
create a security culture. “We are focusing on preemption but also continue our
work to be excellent at response,” explains Lori. “ The change in our focus
forced our team to go back and realign our resources with our goals to meet
risks. It also gave us the opportunity to measure our performance. We get
customer satisfaction surveys from our associates and make changes based on
their feedback.”
Lori is both
visionary and extremely detail oriented. While her vision to improve
Prudential’s global security through preemption is executed, her focus on the
steps to get there is impressive. “We changed the security officers’ uniforms, which doesn’t sound like a big
deal, but as a result of the change to new uniforms, our officers presented
themselves more professionally and our associates had a stronger buy-in to our
security culture,” explains Lori. The uniforms were not the only change made.
Their officer standards were increased and the training program was redesigned.
Officers are focused on a full spectrum of skills from meet and greet customer
services to evaluating risks presented to responding with appropriateness and
excellence to events.
“Security can be
fearful, but when you bring the attributes of customer service to it, you
receive information. You can never minimize the value of that information. It
is vital that it is brought to our attention and we are able to analyze it. The
customer service oriented program is designed to gain buy-in and receive more
information,” explains Lori.
She also changed to environmentally friendly patrol vehicles to
align with Prudential’s green program and reduce costs. Prudential uses
hybrids, bicycles and three-wheel scooters for its security program.
Her current
challenge and integration program is to bring the significant investments in
technology and people together to maximize efficiency and security. “Our video
analytics can provide critical information to officers, allow us to better
allocate resources and alert us when we need to be alerted,” says Lori. “By
taking a holistic approach to security and leveraging technology, we are able
to achieve our goals and better allocate our resources.”
Prudential’s
public/private partnership outreach is creating synergy in with emergency services focusing on
both prevention and response. “Knowing the people that you need to work
effectively with during an emergency beforehand is invaluable,” shares Lori.
“Having these relationships allows all of us to communicate and expand
security.”
During Lori’s tenure
at the New Jersey State Police, she was responsible for building The Rock
(Please see Security June 2008 “New
Rocks”) from a planned EOC into the broader intelligence-sharing center it is
today. At Prudential, she oversees the company’s EOC and considers it one
additional tool for delivering security 365/24/7.
Married with two children, Lori believes parenthood has also
prepared her well for her career. “Being a parent requires you to take a
leadership role. That experience is important and helps to balance both family
life and a very demanding executive role,” says Lori.
Dennis Treece, Colonel, US Army (Ret), Director of Corporate Security, Massachusetts Port Authority
Government
Meet The Director of Corporate Security, Emergency Manager, COOP Manager and Director of the of
Everyone who visits or works at the many air and seagoing facilities is a customer of this department. Approximately 62 million people, including those that go back and forth on the bridge daily, are considered our ‘customers,’” explains Dennis Treece of Massport. “We have the responsibility to ensure that Massport’s $8.7 billion annual economic impact to this region and the people are not at risk. That neither commerce nor life is interrupted.”
Dennis is a former
Army Intelligence Officer where he spent 30 years, embraced technology and
wrote the Army’s first Information Assurance Procedure manual for Internet
security. As Director of Special Operations at Internet Security Systems he
defended F1000 networks. Since joining Massport in 2002, he has used his
expertise in both physical and logical security to harden Massport through
improved communications, policy and procedures and technology and security
systems. Dennis wears many hats including Director of Corporate Security; he is
also the Emergency Manager, the COOP Manager, and the Director of the
“9/11 and Richard Reid the shoe bomber raised the bar
considerably. Everything has changed. Threats are taken more seriously.
Regulatory policies and agencies including MTSA, ATSA, DHS and TSA have been
created. The impact on airport operations requires more time and energy
securing both physical and logical property,” says Dennis. As a result,
Massport has invested over $210 million in capital security upgrades since 911
and has a $75 million annual operating budget.
The impressive
Department of Corporate Security at Massport’s Enterprise Security Program
includes both physical and virtual. The security team consists of 340 security,
law enforcement and fire-rescue personnel, with each business line (aviation,
maritime, bridge) responsible for its own security under the staff supervision
of Dennis. The Department runs the Transportation Security Technology Center of
Excellence, a high-tech test bed that seeks to find and improve on promising
new security technologies by observing their use in active sea and airports.
Massport includes
over $10 billion in critical infrastructure including three airports, three
container terminals, three city parks, over 53 miles of perimeter and 162 major
buildings. “As a result, Massport has made a huge commitment to security. Over
14 percent of gross revenue is invested in security,” says Dennis.
“We have received
and tested over 78 new technologies in the past six years. We test for 30-90
days, give feedback to the manufacturer and tell them how to make their
solutions better,” explains Dennis. “One common and expensive problem is when
people leave the secured terminal, realize they forgot something and turn
around and walk back in creating a breach. The whole terminal has to be closed.
Planes held at their gates risk missed connections and adding to tarmac
congestion as planes land and wait for those gates. It’s a very expensive
problem.
“For example, we are testing two innovative solutions. One is a
camera system from Cognex that detects and follows the person so security can
find and stop them. The other is a door system from Gunnebo that does not slow
passengers as they leave but does prevent them from reentering the secure
area,” Says Dennis. The goal is to eliminate breaches entirely to save time,
money and better apply resources.
“There is no silver
bullet for solving security risks and issues. But we continually work to harden
Massport as a target,” says Dennis. “We want those considering illegal and/or
terrorist activities at Massport to be stopped by using the Teflon defense: We
work to drive the bad guys elsewhere.” Since 9/11, Massport now has a 10-foot
high cement, crash resistant fence, which replaced a chain link fence. Their
6.5-mile waterside perimeter is protected by an infrared protection system that
cost over $7 million. And the 148 state police (paid for by Massport) carry
submachine guns.
“When you ask what keeps me up at night, I think it is a
reflection of the security programs we have put in place,” explains Dennis. “We
have no visibility into the next attack. We don’t know what it looks like.
Where it will come from. How it will be conducted. So we have to defend against
all possible attacks all of the time. In fact, every day that passes safely
means we are one day closer to the next attack.”
Massport measures both the cost and the
revenue generated by the security program. Using Generally Accepted Accounting
Practices they access their financial database with predetermined, formulated
queries that report exactly how much the security program is costing. They
understand the actions taken by the security team whether it be in response to
criminal activity, an exercise, a major fire, etc. and to translate activity
metrics into performance evaluations. Massport Corporate Security analyzes in
detail the 200+ metrics lines for year over year and month over month expenses,
equipment reliability, response times, and the like.
Those 200+ metrics
are critical for success. “Personal analysis of the metrics is key to understand
what is changing and if that change an improvement or a detriment. If the
change is for the worse, then we decide what to do about it. Having reliable
and consistent metrics year over year allows us to make sure our stakeholders
understand and are satisfied with our performance,” says Dennis.
“We recognize that
security is volumetric making measurement a challenge. For example, counting
how many people use a facility each day is necessary to measure performance. We
need this information for insurance and exposure purposes. We have engaged the
stakeholders to collect and report it so that we can measure activity against
performance,” says Dennis. “I call it the Lighthouse Paradox. As ships safely
navigate past the lighthouse that does not mean you don’t need the lighthouse.
It means the lighthouse did a great job.”
Communication is
also a critical component of Massport’s highly successful security program.
Dennis chairs a daily meeting with all stakeholders including police agencies,
government bodies and private companies. “This is a great forum with 80-100
people to address security issues and communicate,” says Dennis. The meeting
begins with a structured agenda with reports from the FBI, airport directors,
airlines, TSA, legal, FAA and even baggage handling. The meeting includes an
open forum and Q&A to cover any and all security issues. Massport also
engages employees to be security players. “We recognize employees that
contribute to security via a poster with their picture and noting their contribution
in making Massport a safer environment.
Everyone is trained to take ownership and be responsible for a secure
environment,” explains Dennis.
Wearing many hats,
having 365/24/7 responsibility and managing a $75 million operating budget is
challenging, but Dennis enjoys it. “In the army we changed roles every two
years at the most. I had 15 different careers in the army. In the private
sector you might do the same job for 30 years. This is the best of both worlds.
Everyday is different and the role is always evolving. I love that I can make a
difference in helping key transportation infrastructure become safer and more
resilient. Our passengers, employees, visitors and our economy benefits because
we remain open for business,” shares Dennis.
Dennis clearly sees
the industry’s biggest challenges. “We have a generation of security directors
from physical security that do not know technology such as frame rates and
bandwidth and network security. Security executives cannot survive today
without understanding the ins and outs of security technology. I am eager to see the profession become
equally comfortable at locking down a file server as a parking lot,” concludes
Dennis.