The Risk Room: Building the Right GSOC for Your Business
A GSOC’s value is now recognized as a necessity to support an enterprise’s global business goals and operations.
On August 17, 2015, three terrorists bombed the Erawan Shrine in the Pathum Wan district in Bangkok at 6:55 p.m. local time, killing 20 and injuring 125. There were three Corning Incorporated employees lodged in a nearby hotel 100 meters from the primary blast site. Thanks to Corning’s global security operations center (GSOC), the Corning travelers were quickly identified, with their physical location established and their well-being confirmed.
The GSOC staff coordinated their safe return from a restaurant back to their hotel and made contingency arrangements to secure alternate lodging. They also continued to regularly communicate with the employees throughout the crisis, and made appropriate ongoing notifications to supervisors and company leaders. In addition, they assisted with arranging ground and air transportation for the employees to safely depart Thailand the following day.
That’s the power of a GSOC. And while a GSOC is not a new concept, its value is quickly becoming more recognized as a necessity to support business goals and operations.
A GSOC can take the form of a new facility, or it can be housed in an existing one. And one size does not fit all with a GSOC, of course. Factors such as enterprise size, security budget and risk needs analysis all come into play.
At Corning, Steve Harrold, CPP, Division Vice President, Global Security, and his team recently built a new GSOC that is all about communications, collaboration and staying connected. It is people-focused with an optimal design that is a different take than traditional GSOC layouts.
Corning Incorporated in Corning, New York, is one of the world’s leading innovators in materials science. The nearly 165-year-old company produces products such as damage-resistant cover glass for smartphones and tablets; precision glass for advanced displays; optical fiber, wireless technologies, and connectivity solutions for high-speed communications networks; trusted products that accelerate drug discovery and manufacturing; and emissions-control products for cars, trucks and off-road vehicles.
Harrold came to Corning after a role at Fidelity Investments as senior vice president and chief ethics officer and vice president, corporate security. Prior to Fidelity Investments, Harrold worked at 3M Company and held the roles of corporate security director and global business director for 3M’s commercial security products division.
Corning had a GSOC within its corporate headquarters that was primarily used for dispatching and alarm monitoring, but Harrold says the company quickly outgrew the GSOC’s capabilities.
Another reason for the new GSOC, says Harrold, is Corning’s global growth. “We are a multinational company, with operations and employees throughout the world, so as the risk profile of the company began to change, security risks and requirements changed as well,” Harrold says.
So three years ago Harrold and his team began a journey to ensure that Corning’s security operations were aligned to the company’s diverse and global enterprise risks. The team also wanted to standardize the enterprise’s security infrastructure. The result would be a GSOC that would offer unprecedented enterprise situational awareness to identify threats and related vulnerabilities, in addition to enabling effective communication and mitigation against risk before a security-related event occurs.
“We needed a space that was capable of many things: camera and alarm monitoring, travel monitoring, employee well-being checks and dispatch resources, all with a robust risk monitoring and reporting capability,” he says. “We were always monitoring geopolitical and weather events worldwide, but we didn’t have complete insight on the impacts to Corning operations.”
Harrold adds: “Corning has always had a sound footing with crisis management, and it has seen a lot in 165 years. It’s a mature organization, and it is well-equipped to deal with crisis management. But as we have grown, our senior leaders wanted to see more consistency in our ability to respond in a crisis situation. Our senior leaders were supportive to help us gain the capital funding to build the new GSOC.”
But first, the project team asked the current GSOC operators what they wanted to see in a new GSOC. A “voice of the customer” survey with a 90-percent response rate showed comments about the current GSOC, such as:
- “We need a layout that encourages better group communication.”
- “In our current space, it’s hard to communicate during codes.”
- “We need a space that helps minimize noise and distraction.”
The results also showed the need for a pass down room, a space where additional analysis of incidents could be done. They also revealed that not all relevant operational knowledge was known and understood by GSOC operators across all shifts. That gap affected the GSOC’s ability to provide accurate and quality services to security’s customer, and it could increase the probability of operator error and negatively impact customer/GSOC relationships. Thus, another goal of the new GSOC became the creation of a standard process that ensures all relevant operational information is shared, known and understood by required operators in the GSOC.
While traditional GSOCs will have a row of operators oriented toward a large wall of monitors, Harrold and his team implemented a design that takes the voice of the customer into consideration. “We asked our security operators to tell us how they do their jobs each day, and designed an optimal space that enabled them to work more effectively and efficiently. The previous design had the operators standing up out of their chair to talk to others, with limited space for technology,” Harrold explains. “The operators told us that they need to collaborate, but they also need to be able to stay focused on monitoring their particular set of responsibilities. The new design incorporates six stations: some are monitoring video cameras, or monitoring alarm transactions, or current events, so all operators are not monitoring the same thing. But in a crisis, they need to come together and collaborate, and then return to their respective zone. That’s the essence of the design: in the center is an executive decision-making space, called a pinwheel, which allows for collaboration space, and as you work from the interior to the exterior, the array of monitors gets bigger and higher, so there’s more privacy as you exit the interior,” he explains.
But overall, the new GSOC design process used a values-based approach. “First we started this design project around the individual. People are the most important part of the space investment; therefore we designed the space to maximize the value of our people,” Harrold explains. “The second value was quality: all of the work at the GSOC is collaborative, and each operator has a vital role in that. One person doesn’t manage a significant issue that comes up; it’s collaborative where each operator brings specific pieces to the table where it’s collectively assembled. The third value was innovation. We let the needs dictate the design rather than us dictating it on our presumed knowledge of what the operators need. It has been highly empowering for the operators, as they now have more of a sense of esprit de corps.”
Another improvement with the new GSOC is the information and the business value it provides. “We think about our clients in different segments: our senior and division leaders, and our employees. In a given month we handle more than 7,000 inbound and outbound calls from everywhere in the world, with employees calling to check on a security condition or ask a question about how to get connected,” Harrold says. “It’s become a very valuable part of how employees can get connected if they need help. The other aspect that came into play when we designed the new space was to incorporate our technology and design services team, as they champion best-in-class, technical security solutions for the company. They help us manage our infrastructure, and in many cases, they know the technology better than our vendors who sell it to us.”
Metrics and a strong reporting ability were brought in from the former GSOC, but with improved capabilities. First, a daily report is sent that keeps management abreast of any potential incidents, such as weather, geopolitical, employee travel and more. Once an incident is raised within the GSOC, a PIN (Preliminary Incident Notification) is sent to senior leaders letting them know that security knows about the incident and to stay tuned. A Situational Awareness Notification (SAN) will be sent after the PIN that includes more information and analysis, and the likely impact for Corning and its employees and operations. Multiple SANs may be published throughout the event to keep management continuously informed. “Often when we send a SAN, we are collecting feedback as we are reporting,” Harrold says. “Very rarely does something happen in the world that we don’t know about. The PIN is designed to tell people that we are on it, and the SAN then gives useful information via email.”
In terms of metrics, the security operations team studies the time from the first receipt of an event and the time that the first PIN is published. “There’s always a fine balance between speed and accuracy,” Harrold says. “Using internal methodology we have reduced the variation within the reporting, and we have been able to reduce the amount of time to get information to management. A new capability with the technology is that when we declare incidents to be corporate crises, which are very rare, we now have the technology to ensure everyone has received an alert from security.”
A third improvement for the new GSOC, Harrold says, is the operator stations themselves: stations are designed from an ergonomic perspective so that an operator can either stand or sit, or raise the station. An operator can also customize their space based on their role, much as you would with a car. They can take customized images from a monitor and send them to a separate room that has three 95-inch monitors for further analysis.
Last, the new GSOC leverages Corning products, including Corning® Willow® Glass laminates; Corning Optical Fiber, which provides the connectivity backbone that enables all of the monitors and technology; and Corning’s keystone product, liquid crystal display (LCD) glass, which is used throughout televisions, tablets and monitors.
The GSOC at Johnson Controls
Johnson Controls is similar to Corning in terms of its GSOC and risk profile in that it, too, is a multinational conglomerate. With corporate headquarters in Milwaukee, Wisconsin, and 180,000 employees and customers in more than 160 countries, the company produces building efficiency products, controls and services, batteries and energy storage, and automotive seats. A plan for a GSOC was originally proposed by Bob Soderberg, CPP and Vice President, Global Security for Johnson Controls, to address identified security risks to the company. The need for a GSOC was made even more apparent during the powerful earthquake and tsunami that struck Japan in March of 2011. The Japan Post Incident Report identified the need for a GSOC as one of many opportunities to improve response to crisis events.
To develop the GSOC, Soderberg and his team repurposed an existing security office to leverage the existing 24/7 security staff in place. In addition they partnered with the company’s building efficiency security and fire group to aid in the development by identifying and installing the latest software and technology.
“We really had to think outside the box to develop a GSOC that met the company’s needs while staying within the allotted budget,” says Soderberg. About $200,000 was spent to purchase hardware and supplemental staffing, including the hiring of a GSOC manager. “We conducted benchmarking, and I spoke to colleagues who had spent $1 million or more on their GSOCs. But we didn’t need that. Even if I had unlimited funds, I wouldn’t do anything different, and our model, which is unique, is very successful,” he says.
The Johnson Controls GSOC utilizes various applications to monitor company assets as well as threats that have the potential to impact these assets. Once a threat is identified, the GSOC immediately responds, providing key intelligence and support. In addition, from a brand protection standpoint, the GSOC staff also monitors social media and online e-commerce sites such as eBay and Craigslist.
Included within the GSOC is a centralized badging services group that provides employee ID badging and overall access control for more than 70 locations in North America. The GSOC is a core component of the company’s crisis management program, monitoring the global crisis hotline and facilitating crisis communication to security and crisis management teams.
The proof of how well a GSOC works is when an incident takes place. For example, Soderberg says the GSOC team was extremely helpful with providing assistance during the recent Winter Storm Jonas in the U.S., the shootings in Paris (a Johnson Controls employee was above the café in Paris where some of the shootings took place), and the Arab Spring. “Those types of stories happen all too often,” Soderberg says. “So with a large multinational company such as Johnson Controls, having a 24/7 GSOC that fits our needs is invaluable.”
The Top 10 Global Risks
The biggest threat to the stability of the world in the next 10 years comes from the risk of international conflict, according to the 10th edition of the Global Risks report from The World Economic Forum and Marsh & McLennan Companies.
The report, which every year features an assessment by experts on the top global risks in terms of likelihood and potential impact over the coming 10 years, finds interstate conflict with regional consequences as the number one global risk in terms of likelihood, and the fourth most serious risk in terms of impact. In terms of likelihood, as a risk it exceeds extreme weather events (2), failure of national governance systems (3), state collapse or crisis (4) and high structural unemployment or underemployment (5).
The survey rated water crises as the greatest risk facing the world. Other top risks alongside that and interstate conflict in terms of impact are: rapid and massive spread of infectious diseases (2), weapons of mass destruction (3) and failure of climate change adaptation (5).
With the 28 global risks that were assessed in 2015 grouped into five categories – economic, environmental, geopolitical, societal and technological – 2015 stands out as a year when geopolitical risks, having been largely absent from the landscape of leading risks for the past half-decade, returned to the fore. With geopolitics increasingly influencing the global economy, these risks account for three of the five most likely, and two of the most potentially impactful, risks in 2015. Also in this category, three risks stand out as having intensified the most since 2014 in terms of likelihood and impact. These are interstate conflict with regional consequences, weapons of mass destruction and terrorist attacks.
The risk landscape in 2015 also shows that there remains concern over the world’s ability to solve its most pressing societal issues, as societies are under threat from economic, environmental and geopolitical risks. Indeed, the societal risk accounts for the top two potentially impactful risks.
Also noteworthy is the presence of more environmental risks among the top risks than economic ones. This comes as a result of a marked increase in experts’ negative assessment of existing preparations to cope with challenges such as extreme weather and climate change, rather than owing to a diminution of fears over chronic economic risks such as unemployment and underemployment or fiscal crises, which have remained relatively stable from 2014.
“Twenty-five years after the fall of the Berlin Wall, the world again faces the risk of major conflict between states,” says Margareta Drzeniek-Hanouz, Lead Economist, World Economic Forum. “However, today the means to wage such conflict, whether through cyberattack, competition for resources or sanctions and other economic tools, is broader than ever.”
In addition to assessing the likelihood and potential impact of 28 global risks, the report examines the interconnections between risks, as well as how they interplay with trends shaping the short- to medium-term risk landscape. It also offers analysis of three specific cases that emerge from the interconnections maps: the interplay between geopolitics and economics, the risks related to rapid and unplanned urbanization in developing countries and one on emerging technologies.
Top 10 Global Risks in Terms of Likelihood
- Interstate conflict with regional consequences (geopolitical risk)
- Extreme weather events (environmental risk)
- Failure of national governance (geopolitical risk)
- State collapse or crisis (geopolitical risk)
- High structural unemployment or underemployment (economic risk)
- Natural catastrophes
- Failure of climate change adaptation
- Water crises
- Data fraud or theft
Top 10 Global Risks in Terms of Impact
- Water crises
- Rapid and massive spread of infectious diseases
- Weapons of mass destruction
- Interstate conflict with regional consequences
- Failure of climate-change adaptation
- Energy price shock
- Critical infrastructure breakdown
- Fiscal crises
- Unemployment or underemployment
- Biodiversity loss and ecosystem collapse
On urbanization, the report considers how best to build sufficient resilience to mitigate the challenges associated with managing the world’s rapid and historical transition from predominantly rural to urban living.
The rapid pace of innovation in emerging technologies, from synthetic biology to artificial intelligence, also has far-reaching societal, economic and ethical implications. Developing regulatory environments that are adaptive enough to safeguard their rapid development and allow their benefits to be reaped, while preventing their misuse and any unforeseen negative consequences, is a critical challenge for leaders.
John Drzik, President of Global Risk and Specialties at Marsh, says: “Innovation is critical to global prosperity, but also creates new risks. We must anticipate the issues that will arise from emerging technologies, and develop the safeguards and governance to prevent avoidable disasters.”