Preserving capacity, General Tom Lawson, Chief of the Defence Staff, Keys to Canadian SAR
Issue link: http://vanguardcanada.uberflip.com/i/122908
s seCurity PeRIPheRal PlaYeR: corporate intelligence and your cSo During a recent presentation to the canadian Security Partners' Forum, Lisa Gordon-hagerty, the former director of combating terrorism for the White house National Security council, reminded the audience of the link between national security and corporate security. corporations, she said, will need to approach intelligence gathering much as governments do. "If you don't have good intelligence gathering, you won't know what the threats are." easier said than done. many companies have yet to recognize the true capability of their security operations, and most governments are still evolving the ways in which they share intelligence with the private sector. david Burrill, the chairman and ceo of the Burrill Green Group, has spent decades advising companies and instructing security practitioners from the military to the corporate world. he recently spoke to the canadian Security executive Forum about the link between business success and corporate intelligence and security. he shared some of his thoughts with Vanguard. Q How well are corporate intelligence and security understood? Corporate security is almost the flip side of the coin of corporate intelligence – you can't have effective corporate security without effective intelligence. But if you talk to most business people about intelligence, they tend to think marketing intelligence. Business security intelligence is that intelligence that is required to ensure you really understand the risks, are making the correct security decisions and putting in place the correct security measures, processes, equipment, attitudes, policies, strategies, etc. The two disciplines cannot really be separated. Corporate security is a relatively immature function. Most business people other than those engaged in it will not think of security being core to the business. Many see it as a rather regrettable expense. The reasons for that are largely historic, because most of the people 40 APRIL/mAy 2013 www.vanguardcanada.com who were brought into the corporate environment to deliver security were people who had been attracted out of traditional backgrounds – military, police, security services, intelligence services – and they were often brought in to do limited jobs against what the business thought their exposures were. They didn't have any great ambition to understand business; being peripheral was their just reward. What value you can bring to the business as a whole is fundamentally what drives most business functions, but sadly it is not what has generally driven security within a business environment. In truth, that was most definitely the case in the early 1990s. There has been a sea change. Most people think of 9/11 as a wakeup call. I say that was the wakeup call for those who were still asleep; 9/11 was just another example – a horrific example – of the extreme volatility that had developed following the collapse of the Soviet Union. Whatever its failings, the Cold War imposed a degree of stability across the world, and it's collapse created new opportunities for violence, political corruption and criminal activity on a massive scale. So, in the early '90s the description of security as immature started to be challenged by some thought leaders who recognized that the situation required more than a part-time person to be able to understand the world better and apply a greater use of intelligence. That change in attitude caused a dynamism in the thinking of some of those involved in the corporate security environment and led to the beginnings of a slow movement that realized there was so much more that security could offer business. But the business top management – C-suite, boards, whatever you want to call them – have never really understood it. There needs to be an awakening, both for the practitioners and for those for whom they are carrying out the practice. Q Is the Chief Security Officer regarded much as the Chief Information Officer once was, as a mid-level IT systems manager rather than a strategic partner?