international perspectives on our security ... - map …asia pacific: focus on these regions where...
TRANSCRIPT
1
INTERNATIONAL PERSPEC TIV ES ON OUR SEC URITY C HALLENGES
Tuesday, September 26, 2017
Session Number: 5309
2
2
S P E A K E R S
Berndt RifSenior Policy Advisor Protective SecurityDe Nederlandsche Bank NV (Dutch Central Bank)
Grace LiVice President, Global Accounts APACConvergint Technologies
James MorrisRegional Security ManagerAon
Phillip Banks - ModeratorDirectorThe Banks Group Inc.
3
• Businesses, like risks, no longer exist in isolation
• Companies can…
• Operate multi-nationally
• Consider opportunities overseas
• Have employees travel overseas
• Support clients that do
• Use a global supply-chain
3
W H Y ?
4
• Perception of security
• Can vary from guns and gates, to police force
• Having a traditional background doesn’t prepare you for international environments
• Corporate trusted resource and business enabler? Risk vs opportunity
• Corporate support and “ownership”?
• Security network, experience of ASIS, certification
• Competition for members – not one voice
• Standards
• Try to implement international standards in completely different environments – like square peg into round holes
• Suppliers and procurement
• Can be very main market focused, not realistic approach to other environments
• New risks – pandemics, cyber, international environments/partnerships
• Try to take a same-as approach
• Realistic versus Perceived risks; how determined?
4
C H A L L E N G E S / D I F F E R E N C E S
5
5
P E R C E P T I O N O F S E C U R I T Y
Security Manager
What my friends think I do What society thinks I do
What my (non-security boss) thinks I do
What I actually do
What my Mum thinks I do
What I think I do
6
6
P R O P O S A L
Instead of: Aim for:
Information Response
InvestigateAudits
Training Crisis
ESRM
Assess
Analyse
Mitigate
Review
7
C H A L L E N G E S O F I M P L E M E N T I N G G L O B A L S E C U R I T Y S TA N D A R D S A N D P R O G R A M S ( T E C H N O L O G Y C E N T R I C )
• Cultures & Languages
• Laws and Regulations
• Partners & Partnership
• Key Elements in Planning
7
I M P L E M E N T A T I O N
8
A S I A PA C I F I C : F O C U S O N T H E S E R E G I O N S W H E R E M O S T M U LT I N AT I O N A L C O M PA N I E S O P E R AT E ( P R I VAT E S E C T O R )
• India
• Southeast Asia
• Greater China
• Mainland China, Hong Kong, and Macau
• Taiwan
• Australia
• Japan
• South Korea 8
I M P L E M E N T A T I O N
9
C H A L L E N G E S O F I M P L E M E N T I N G G L O B A L S E C U R I T Y S TA N D A R D S A N D P R O G R A M S ( T E C H N O L O G Y C E N T R I C )
• Cultures and Languages
• English vs local languages
• Culture diversity in effective communication
• Transparency and consistency with different groups
• Security as adversary or corporate ambassador
9
I M P L E M E N T A T I O N
10
C H A L L E N G E S O F I M P L E M E N T I N G G L O B A L S E C U R I T Y S TA N D A R D S A N D P R O G R A M S ( T E C H N O L O G Y C E N T R I C )
• Laws and Regulations
• Local legal environment (Standards and Procurement);
• Local codes, licenses/certificates, issuance requirements (Standards, Procurement and Vendor Qualification);
• Ricks and way to avoid in across-region operations (Vendor Qualification and Procurement);
• Inconsistency in enforcement of agreement at national, regional and community levels (Contract Execution and Vendor Management); 10
I M P L E M E N T A T I O N
11
C H A L L E N G E S O F I M P L E M E N T I N G G L O B A L S E C U R I T Y S TA N D A R D S A N D P R O G R A M S ( T E C H N O L O G Y C E N T R I C )
• Partners and Partnership
11
I M P L E M E N T A T I O N
* Ref.: Convergint Technologies, 2017
12
C H A L L E N G E S O F I M P L E M E N T I N G G L O B A L S E C U R I T Y S TA N D A R D S A N D P R O G R A M S ( T E C H N O L O G Y C E N T R I C )
• Key Elements in Planning
• System infrastructure can vary
• Availability & logistics (lead-time)
• Cost structure is different
• Tax complexation & special tax zones
• Service levels & program
12
I M P L E M E N T A T I O N
Make an informative decision…!
13
Future
Present
Past
• Threat assessment• Target hardening is an out of date (20th
century) concept
• Classical background screening does not identify a possible threat (anymore)
• Regular planning & control cycles are good for the adversary, bad for defense
• Enterprise-wide security threat and risk management is critical
14
14
Q U E S T I O N S
15
• What is the biggest lesson that you think security practitioners can learn from international colleagues?
15
C L O S I N G T H O U G H T
16
16
T H A N K S F O R Y O U R T I M E
16
Berndt RifSenior Policy Advisor Protective SecurityDe Nederlandsche Bank NV (Dutch Central Bank)
Grace LiVice President, Global Accounts APACConvergint Technologies
James [email protected]
Phillip Banks - ModeratorDirectorThe Banks Group Inc.