GET THEIR ATTENTION

Oct 1, 2003 12:00 PM, by Corrina Stellitano

           

The event occurring in Washington, D.C., that morning was beyond the nightmares of most Americans, and working on the upper floors of the Gannett and USA TODAY buildings just across the Potomac River, the employees of USA TODAY had a front-row view. On Sept. 11, 2001, they watched American Flight 77 pierce the formidable hull of the United States Pentagon and explode. In that moment, security became a topic of paramount importance.

Two years later, the terrifying memory has not completely faded, even as they work in their new 1.5 million-square-foot landmark facility, crowned with the Gannett Co. and USA TODAY logos — and located in the flight path from Washington Dulles International Airport to the Capitol.

“That's a worst-case scenario, but that was a catalyst for looking at all our business continuity and contingency planning. It really drove home the point that we all need to be prepared more than at the surface level,” says Glenn Sandford, CPP, manager of corporate security and safety, USA TODAY/Gannett Co. “This company takes this very seriously and they take very seriously security's role in this (process).”

In the last two years, this focus on security was reenacted across the nation. Companies reviewed their security plans and sought to increase precautions. As time passes, however, the day's concerns — the wavering economy, international conflict, even California's gubernatorial election — could draw attention away from the corporate security homefront. Interviews with security directors across the country reveal five ways to keep security top-of-mind in the organization:

1. Establish Security As The Source For Crucial Information

   Security directors today navigate a treacherous field; like media outlets, they risk desensitizing and alienating their employees with an onslaught of information. But careful dissemination of information can create an informed and helpful workforce.

   “There's more and faster information flowing through the security community, with much of it via the Internet,” says Mike Phelan, vice-president of training for King of Prussia, Pa.-based Allied Security, a contract security officer company with more than 16,000 employees. “More than ever before, a good security director needs to be a good communicator, an adept information disseminator without being the boy who cried wolf.”

   At Time Warner Cable, Brian Allen, director of corporate security, found Phelan's observations reflected in his employees' requests. “Before the start of the last war, we were expected to send out memos discussing our anticipation,” he says. “Pre-Sept. 11, I'm not sure employees even wanted to hear from the security department. I think there was an expectation during this past war that they wanted to hear what information and warnings we were aware of.”

   Time Warner executives have begun to use the expertise of the security department even during their off-hours. “We no longer just look at our employees in the workplace,” Allen says. “When our executives travel, we also do risk assessments of those situations. Your executives are important whether they're at work or travelling.” Allen furnishes the executives with State Department alerts, the addresses of embassies, and the contact information of the Time Warner security staff. “And the expectation is that we would respond if called upon,” he says.

   Effective security directors at companies with multiple locations or branches are on the road more themselves these days. Gannett's Glenn Sandford says he is asked more frequently to conduct site visits and security evaluations, as well as lectures on safety and evacuation procedures, and communications during emergencies. Recently, he was reminded of the effectiveness of these lectures when the August 14 power failure plunged the Northeast into darkness the day after he had lectured on evacuation procedures at a New York high-rise building.

   Information requests shouldn't be limited to terrorism-related topics, however, security directors say. Gus Bremer, security manager for the Miami-based Ryder System, a $4.78 billion transportation management company, says his security department has taught presentations on topics from identity theft to SARS. Ryder's field safety and security staff also offers online security training and classes for the drivers and employees of the company's customers.

   For its manufacturing locations in 42 countries, Irving, Texas-based Kimberly-Clark's Global Security department created a Risk Options chart with suggested base-line security precautions divided into color-coded levels. These suggestions aren't delivered as unsupported mandates, however, says Marty Bishop, senior regional manager in the Americas, global security, Kimberly-Clark. Kimberly-Clark security teams travel to plant sites in various countries conducting focus group studies and helping to prepare risk mitigation plans.

   “We have set the tone that we will respond to the needs of our internal clients. We'll get them the resources and go down there at a moment's notice,” he says.

   At Minneapolis-based Xcel Energy, the security department partners with the corporate communications department annually to distribute gold wallet-sized cards detailing contact information for security personnel, along with a brochure of security services. With security awareness presentations, “we try to reach a new 1,000 people each year,” says Scott McCoy, CPP, director of security for Xcel Energy. The Xcel security team also posts information on department bulletin boards and leaves security reminders when they spy a breach, such as a purse left unattended.

2. Take Your Seat At The Boardroom Table

   Whether because of concern inspired by the terrorist attacks or because of a proven track record of success, many security professionals are finding themselves in a welcome, but unfamiliar, spot: at the senior management table.

   “Security was often asked to give input in security-related matters,” says Kim Kerr, director of security services at the Orem, Utah-based PeopleWise (a division of the Lexis-Nexis Group). “But now we're being asked to make the decisions. This has made security personnel better managers.”

   Time Warner Cable's Brian Allen describes a recent security event that reflects how security personnel are being called to the forefront in his company. When stalkers sought to endanger on-air personalities, the security department was brought in quickly to reduce risk to these valued employees. “I think (executives are) realizing the benefits of security,” Allen says. “We're able to take preventive steps; whereas before it would have been reactive, bringing us in if violence occurred.”

   This new position of empowerment delivers both benefits and new responsibilities, some security directors say. “I think it's a tremendous synergy that develops, especially at our corporation,” Kerr says. “We have a better understanding of hiring, of operations, of the boardroom process. With any opportunity, there's obviously risk from a professional standpoint. We have a platform to voice our concerns, but we have to work harder. The bar has been raised.”

   Gus Bremer of the Ryder Corp. says this shift could eventually transform the role of the security director. “Security is participating much more in the business processes. But it puts a heavy responsibility on security folks to learn a lot more about business management,” he says. He envisions future security pros armed with MBAs with an emphasis on corporate security.

3. Be a Dollars-and-Cents Guy — Document ROI

   Security directors may have found their place in the boardroom, but this means they are available to answer a pointed question: Where are the security dollars going? A new decision-making power means security directors must be prepared to demonstrate the return on security investment, they say.

   At the Gannett/USA TODAY headquarters in Tyson's Corner, Va., executives began asking how the front-line security personnel were contributing to the overall security plan and budget. “Corporate leadership has a lot more interest and inquiry into why things work the way they do, and what expenses are associated with them,” Sandford says. “The message is, “Are we getting out of our uniformed staff all that we can?”

   After the events of Sept. 11, 2001, and the company's Nov. 2001 relocation to its new headquarters, Gannett/USA TODAY leaders decided to increase pay and ask their security vendor for security officers “who could exercise greater communication and decision-making skills. We wanted our staff to know what to do, and why they are doing it.” The ROI in this case was clear, Sandford adds. Now “you've got a security staff that is good at solving problems. That's been of great value to us.”

   Bill Sewell, senior vice president of Los Angeles-based DMJM Technology, says security is increasingly being factored into the bottom line of many companies. “Right now security is a more integral part of the workplace from (ensuring the) psychological comfort (of employees) to (minimizing) risk and liability. If you can show an insurance company you are doing all you can, your premiums will go down.”

   At Time Warner Cable, security personnel have increased documentation and made changes in how they track expensive electronic equipment. Again the ROI is evident: “It's not that we recovered two million in equipment, we just didn't lose it this year,” Allen says, adding that it is also important to document workload. “(We try to) keep upper management apprised of our workload and the reliance of other departments, that they have reached out to us,” he says.

   Today's customers may expect to receive the benefits of sufficient security in the final price tag. “For example, our customers now want to know about our security processes. And that factors into their overall decision,” says PeopleWise's Kim Kerr. “Because of being able to measure the cost of security, it's now being seen that there are dramatic linkages between loss prevention, employee turnover, loss of proprietary information, and the image of the company and the bottom line.”

   Security officials may receive the benefits of a higher profile, but they must back the position with action, Kerr says. “I don't think we should spend one dollar in security unless it affects positively the bottom line. We have to prove it's a necessary cost of doing business, or that it's an investment into the business.”

   This accountability is even more important in a stagnant economy, says Marty Bishop of Kimberly-Clark. The company has reduced its global security department by an associate director, a manager and a security representative. They have not stopped demonstrating ROI, however. They recently completed a study comparing the company's security costs as a percentage of revenue with 17 other companies. “We operate at half the cost with three times less security employees and three times as many total employees. Yet we have fewer reported incidents,” Bishop says.

4. Boost Interaction With Other Company Departments

   Walls are tumbling at the corporate level these days. More and more security staffs are being called upon to work closely with departments they might have previously seen only at the Christmas party. This can mean extra work, or a great opportunity to increase the perceived value of the security personnel.

   Gannett's brand-new business continuity team includes not only the facilities and newspaper management departments, but also the human resources, legal, IT and security departments. Kimberly-Clark's on-site security focus groups include personnel from finance, mill management, human resources, auditing, legal, MIS, security, sales and manufacturing.

   At the Ryder Corp., the security department has “been more involved at the beginning in our site selection for new businesses, and in our responses to potential customers. That's a significant improvement I've seen at our company over the last couple of years,” says Gus Bremer.

   At Garden Ridge, a home decor and craft retailer with 44 locations, the security staff has increased interactions with merchants and their employees. “We interacted with the merchants previously due to shrink-related issues, but now we're adding a dimension to that relationship that wasn't there before,” says Joe Davis, CPP, director of loss prevention and safety. “We have (also) worked more proactively with our human resources group to look at issues brought up in (merchant) surveys. We've tried to address those issues to make employees feel more comfortable in their workplace.”

   The blurring of lines between departments can be even more pronounced. Explains PeopleWise's Kim Kerr: “We had a large project recently, and I eventually became the project manager. We're starting to see some cross-pollination between the operations and security roles. (And) hiring people normally was an HR function with some input from security. We actually partner now, making sure background checks occur, etc.”

5. Understand the Impact of New Security Regulations

   As security was shoved to the forefront of the national focus, governmental bodies sprung into action, introducing regulations and legislation. Security professionals can raise their profile and aid their companies by becoming familiar with these rules and their implications for daily business operations.

   “It's up to the individual company to ensure these procedures are followed with reviews, paper trails and auditing,” says Jeff Landreth, senior vice president in charge of risk assessment and the learning and development division of New York-based Guardsmark.

   Federal mandates, like the standard introduced by the North American Electric Liability Council in June, can mean a different sort of security for the security pros: “If you have federal mandates, you have job security (as a security department),” says Xcel Energy's McCoy. “All the services we provide — site surveys and investigations — we felt they were necessary and mandatory. But now we have a mandating body (enforcing) that for us.”

   Close communication with federal agencies is necessary to ensure compliance. McCoy's staff tries to provide the essential information to company executives and to Xcel's individual power stations: “We tell them what we believe these regulations mean. We make ourselves invaluable by aiding them as much as we can, not by telling them they have to do something, but by helping them to do it.”

   Customs regulations such as the U.S. Customs Trade Partnership Against Terrorism (CTPAT) require similar involvement by security pros in the consumer goods and transportation industries. “The message now is: ‘OK, security, you have to sit closer to the front now, because these questions are being asked at the beginning rather than as an afterthought — questions like: ‘How will you help us comply with these regulations?’” says Ryder's Bremer.

   “Customs wants to make sure companies have physical security programs and logistics tracking systems in place. This has required me to gain a much greater understanding of logistics processes — understanding where the weaknesses are in our current program and helping to tighten those up where possible,” says Joe Davis, Garden Ridge.

   Though this oversight can be voluntary, its benefits are evident, says Kimberly-Clark's Marty Bishop. “We here see CTPAT as a voluntary validation. It proves we cover areas of the supply chain. Because you have been certified, your products won't be held up.”

   At Time Warner Cable, the security department has initiated another non-traditional function for its staff. To fight signal theft, security staff members have begun lobbying for change in legislation.

   Security officials should expect, and even embrace, such non-traditional tasks in the future, says Gary Hetrick, CPP, manager of corporate security for the Perrigo Co., the Allegan, Mich.-based marketer of store-brand over-the-counter pharmaceutical and nutritional products. “Security directors are required, more than ever, to be leaders of change rather than managers of existing resources,” he says. “We need to find new ways to enhance security while being conscious of the expenses of delivering security. Security directors need to be proactive and seize every opportunity to raise security awareness.”

For the Record

About The Companies

For information, circle the Reader Service number (listed below) or visit securitysolutions.com

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

SUBSCRIBE

Select an Issue April 1, 2008 March 1, 2008 February 1, 2008 January 1, 2008 December 1, 2007 November 1, 2007 October 1, 2007 September 1, 2007 August 1, 2007 July 1, 2007 June 1, 2007 IP Security Supplement May 1, 2007 April 1, 2007 March 1, 2007 February 1, 2007 January 1, 2007 School Security December 1, 2006 November 1, 2006 October 1, 2006 September 1, 2006 August 1, 2006 July 1, 2006 June 1, 2006 May 1, 2006 April 1, 2006 March 1, 2006 February 1, 2006 January 1, 2006 December 1, 2005 November 1, 2005 October 1, 2005 September 1, 2005 August 1, 2005 July 1, 2005 June 1, 2005 May 1, 2005 April 1, 2005 March 1, 2005 February 1, 2005 January 1, 2005 December 1, 2004 November 1, 2004 October 1, 2004 September 1, 2004 August 1, 2004 July 1, 2004 July 1, 2004 June 1, 2004 May 1, 2004 April 1, 2004 March 1, 2004 February 1, 2004 January 1, 2004 December 1, 2003 November 1, 2003 October 1, 2003 September 1, 2003 August 1, 2003 July 1, 2003 June 1, 2003 May 1, 2003 April 1, 2003 March 1, 2003 February 1, 2003 January 1, 2003 December 1, 2002 November 1, 2002 October 1, 2002 September 1, 2002 August 1, 2002 July 1, 2002 June 1, 2002 May 1, 2002 April 1, 2002 March 1, 2002 February 1, 2002 January 1, 2002 December 1, 2001 November 1, 2001 October 1, 2001 September 1, 2001 August 1, 2001 July 1, 2001 June 1, 2001 May 1, 2001 April 1, 2001 March 1, 2001 February 1, 2001 January 1, 2001 December 1, 2000 November 1, 2000 October 1, 2000 September 1, 2000 August 1, 2000 July 1, 2000 June 1, 2000 May 1, 2000 April 1, 2000 March 1, 2000 February 1, 2000 January 1, 2000 December 1, 1999 November 1, 1999 October 1, 1999 September 1, 1999 August 1, 1999 July 1, 1999 June 1, 1999 May 1, 1999 April 1, 1999 March 1, 1999 February 1, 1999 January 1, 1999 December 1, 1998 November 1, 1998 October 1, 1998 September 1, 1998 August 1, 1998 July 1, 1998 June 1, 1998 May 1, 1998 April 1, 1998 March 1, 1998 February 1, 1998 January 1, 1998 December 1, 1997 November 1, 1997 October 1, 1997 September 1, 1997 August 1, 1997 July 1, 1997 June 1, 1997 May 1, 1997 April 1, 1997 March 1, 1997 February 1, 1997 January 1, 1997

This month in Access Control

• Opening Up About Door Closers
• An Enterprise Approach
• The Framework For Open Systems
• On A Higher Plane
• More from April's issue