SM04: Transforming Your Security Command Post into a Strategic Information Nerve Center

Transcription

1 SM04: Transforming Your Security Command Post into a Strategic Information Nerve Center Bob Banerjee, Sr. Director of Training and Development, NICE Systems (Moderator) Brad Brekke, Vice President of Corporate Security, Target Corporation Tim Rigg, Managing Director, Enterprise Protective Services, Duke Energy Chris Swecker, CEO, Chris SweckerEnterprises pm, April 9, 2013 Incident Lifecycle Activity Level Situational Awareness Situation Management Time What was the delay? Situation Reconstruction 1

2 The Big Drivers PSIM is not about integration. PSIM is about handling incidents better, fewer resources, continuously improving. I want better situational awareness I want to know when something bad happens as quickly as possible I want to monitor the situation as it evolves I want a 360 degree view of all my systems, but I want to filter out the noise and false alarms and focus on the real issues The Big Drivers I want to manage situations better I want to resolve incidents faster, before they consume vast resources or escalate out of control I want consistency, regardless of who s on duty, tenure, location or culture I want to be able to keep stake holders informed as certain issues evolve I want comprehensive reports that pull information from all the people and time-synched systems that were involved I want to be able to prove the right people, did the right thing at the right time I want to be compliant I want to prove I was compliant 2

3 The Big Drivers I want to foster a culture of a learning organization I want to systematically improve how we operate I want to know how we handled an incident, re-enacting it back step by step so I can spot the areas for improvement or training I want to dry-run new operating procedures The Big Drivers I want the right to change my mind without being penalized I have a large investment in system X. I want to expand using system Y, but I feel locked into X. My only option is to rip and replace. Particularly common with VMS and Access Control, but applies to all systems. Using PSIM allows you to have one interface over a number of different physical systems. You shouldn t care about the physical implementation. 3

4 Brad Brekke Target Corporation Risk / Resources Talent Information Technology Partnerships 4

5 Transforming Your Security Command Post into a Strategic Information Nerve Center Brad Brekke, Vice President, Corporate Security - Target Target Corporate Security Scope of Services 365,000 Team Members 16 Headquarters Facilities 1,782 US Stores 37 US Distribution Centers 162,240 Containers Imported Canadian Stores 3 Canadian Distribution Centers 26 Overseas Sourcing Offices 3,000+ Factories Target India 5

6 Identifying Risks Financial Operational Reputation Supply Chain Team Member Safety Minneapolis-St. Paul Business Journal. May 9 th,

7 Corporate Command Center (C3) C3 Capabilities & Services Business monitoring Information triage & escalation Single source of truth Global Situational Awareness Incident, Crisis, & Disaster Leadership Response coordination Crisis communication Program governance & management Centralized Security Operations Event planning & support Central services (ex: Guard Requests) Executive Travel 7

8 Information Sources Private Sector Intelligence Trade Groups Weather Public Sector Federal Agencies Fusion Centers Law Enforcement Internal Facility Operations Flight Services Intelligence IT Security Operations Technology Operations Command Centers Single Source of Truth Access Management Corporate Aircraft Tracking EOC Management System HQ Networked Radios Knowledge Management Target Video Solutions Travel Tracking Weather Monitoring C3 Technologies 8

9 Crisis Management Framework Clearly defined decision and communication framework Command Center Team leads corporate response Single point of view for updates across corporation Tactical Intelligence Country risk Developing situations Travel safety & security Intelligence Strategic Intelligence Cyber intelligence Geopolitical risk Social media Strategic insights 9

10 Corporate Fusion Center Corporate Fusion Center Reputational insights Media analysis Social Media Traditional Media Reputational Risks Brand Emerging Issues FCPA Compliance Labor issues Operational Approach Identify risks Address risks People Technology Facilities Supply Chain Establish a single source of truth Decision making framework Scale functions over time Internal Marketing 10

11 Hurricane Sandy Outcomes 265 Facilities were in the path of the storm 196 Facilities closed ahead of the storm 195 Facilities reopen within 72 hours 0 Team Member Injuries Incident Timeline Sandy makes landfall in early evening in NJ as Category I Hurricane. 4 stores closed, 192 stores reopened. Distribution Centers open. Disaster supplies and C3 begins monitoring Tropical Storm Sandy. Preparedness efforts continue. generators will remain in place in anticipation of second incoming storm Oct 24 Oct 26 Oct 27 Oct 28 Oct 29 Oct 30 Oct 31 Nov 1 Nov 5 Nov 7 Nov 9 C3 Activates with the Green Team and begins preparedness calls 196 stores & 10 support All stores are open. Some facilities close. All DCs stores close early due to local open. restrictions. Several NY/NJ 170 stores reopen. 26 stores stores close early remain closed. Several stores due to local close early due to local restrictions. restrictions C3 and the Green Team Deactivate Hurricane Sandy Outcomes Target experiences no detrimental incidents of any type International Business Times 11/3 Community Partnerships & Coverage KARE-11 Television 11/8 11

12 Hurricane Sandy Outcomes Captured Sales 30-Oct 31-Oct 1-Nov 2-Nov 3-Nov Target sales from reopened stores Sales if Target reopened at competitor pace Hurricane Sandy Outcomes Operational Impact Financial Benefits Reputational Enhancement Reported to Executive Leadership and the Board of Directors 12

13 Tim Rigg Duke Energy Enterprise Security Risk 13

14 Enterprise Security Risk Enterprise Security Risk 14

15 Enterprise Security Risk Strategic Command Post Development Business Case Recap - Focus on Minimizing Risk Speak the risk language; think and speak like the CRO Understand the risk equation components Collaborate to inventory the enterprise on needs ; operational and internal service providers Translate needs to services Correlate the services to satisfy Board Level Risk categories 15

16 Strategic Command Post Development Needs An executive sponsor to help with the difficult sales pitch A business case that aligns with your corporate norm Collaboration with all the right stakeholders Potential funding source(s) for both initial and ongoing investments Location, location, location Redundant building systems Quality IT infrastructure Creature comforts At the end of the day, take what you can get Strategic Command Post Development Understand Business cases are unlikely to effectively compete for funds on their own merit An executive sponsor can make the difference find an influencer PSIM can assist you with many efficiencies including space and expansion management 16

17 Chris Swecker Chris Swecker Enterprises Silos of Excellence Hinder Cohesive PSIM Responses CAMERAS ACCESS CONTROLS ALARMS INTERNALSOURCE PUBLIC SOURCE INCIDENTS 17

18 Inability to Integrate Information World Trade Center 1993 Bojinka Plot Minneapolis Arizona Meeting in Manilla San Diego safe house Traffic stops Agency info Intelligence chatter Success Measures: Incident Reductions Bank robberies reduced over 50% ATM burglaries losses/damage virtually eliminated Savings: Over 10 Million 18

19 The Collateral Business Benefits of PSIM Consolidation of CP Operations Results in Efficiencies and Savings Conduct Ongoing Real Time Inventory Assessment Observe and Analyze Customer Behavior and Flow Leverage Technology to Eliminate Manual Processes Reduction of Losses Due to Incident Reductions Decrease Insurance Rates Reduction of False Alarms Questions? Bob Banerjee, NICE Systems Brad Brekke, Target Corporation Tim Rigg, Duke Energy Chris Swecker, Chris Swecker Enterprises April 9,