How Corporate Security Changed After 9/11
description
Transcript of How Corporate Security Changed After 9/11
![Page 1: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/1.jpg)
How Corporate Security Changed After 9/11
John M. McCarthyManaging PartnerBusiness Security Advisory Groupwww.bsag-cso.com
![Page 2: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/2.jpg)
The Business Security Advisory Group (BSAG) specializes in a broad range of corporate security consulting services including :
Business continuity, Risk assessment and management, Regulatory compliance, Strategic security planning and policy development.
Getting Ahead of the Problemswww.bsag-cso.com
![Page 3: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/3.jpg)
Corporate Security’s responsibilities prior to 9/11
Corporate Security’s responsibilities post 9-11
Laws and regulations regulating the security industry post 9/11
Corporate Security in the 21st Century
![Page 4: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/4.jpg)
Investigations – violation of corporate policy and other corporate crimes
Physical security – gates, guards, guns
Executive protection – ensuring top executives and families were secure
![Page 5: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/5.jpg)
Corporate Security generally a middle management responsibility
Corporate Security generally thought of as the “Corporate Cop”
Corporate Security plans and programs generally responsive or reactive to immediate incidents – no long term planning
![Page 6: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/6.jpg)
Mostly reactive-incident happens, security responds – fire house mentality
Stove Pipe thinking – Security programs sometimes contrary to Business Unit’s business plans and goals
Law Enforcement Driven – security goal must be attained at all costs – no priorities
![Page 7: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/7.jpg)
September 10, 2001 September 11, 2001
![Page 8: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/8.jpg)
Three thousand civilians murdered
$80 Billion dollars in losses
11 Million people in developing countries pushed into poverty.
Financial markets closed
Air transportation system grounded
![Page 9: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/9.jpg)
Mail Processing – 86%
Travel – 85% Protection of
Employees – 79% Protection of
Infrastructure – 75% Risk Assessment –
71%*3 Booz, Allen, Hamilton Survey – 11/01
Protection of Offices and Physical Plants – 69%
Employee Morale – 69%
Supply Chain Distribution – 51%
Customer Security – 50%
Productivity – 47%
![Page 10: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/10.jpg)
Corporate Security gets the attention of Executive Management
Corporate Security seen as a resource to the company not as a necessary evil
Corporate Security an advisor to Executive Management and Business Units concerning comprehensive security programs for personnel and corporate asset protection
![Page 11: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/11.jpg)
Corporate Security reports to the “C” suite in many companies and is no longer a mid-level executive responsibility
Corporate security executives become more business oriented in management style and program content
Corporate Security becomes an enterprise function of the company
![Page 12: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/12.jpg)
Emergency plans include crisis management, disaster recovery and business continuity developed in a proactive environment
Corporate Security executives now craft strategic and tactical security plans for business units.
Plans and programs consider business goals and budgets
All corporate security plans and programs are more proactive and include prevention of terrorist attack
![Page 13: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/13.jpg)
The Public Sector recognizes its greater responsibility to protect its citizens and assets
Corporate Security deals more with federal, state and local officials as security regulations exponentially increase
Public and private partnerships flourish as both attempt to craft meaningful emergency proactive plans, protective processes, security laws and regulations
![Page 14: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/14.jpg)
Corporate security plans and programs develop a legal compliance component as corporations comply with the new mandated legislation
Corporate Security’s programs are more restrictive and costly as both terrorism and legislative compliance are emphasized
![Page 15: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/15.jpg)
Legislation*Access to Information Act Arming Pilots Against Terrorism ActAviation and Transportation Security ActBank Protection Act of 1968 Canadas Bill C-6Childrens Online Privacy Protection Act (COPPA)Corporate Manslaughter and Corporate Homicide Act 2007(UK)Customs Modernization ActCyber Security Enhancement Act of 2002CyberCrime TreatyE-Signature ActEuropean Union Data Protection DirectiveExecutive Order 12958 – Information SharingExecutive Order 13224 –Doing Business w/ TerroristsExecutive Order 13231 – Infrastructure ProtectionExecutive Order 13234 –
![Page 16: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/16.jpg)
Legislation (Continued)
Citizen PreparednessFamily Educational Rights and Privacy Act Federal Anti-Tampering ActFederal Computer Security Bill –H.R. 1259Federal Hazardous Materials LawForeign Corrupt Practices ActHomeland Security ActInternational Emergency Economic Powers ActMaritime Transportation Security Act of 2002National Information Infrastructure Protection ActNotification and Federal Employee Anti-Discrimination and Retaliation ActPatriots ActPersonal Information Protection and Electronic Documents Act
![Page 17: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/17.jpg)
Legislation (Continued)
Presidential Directive 2Presidential Directive 3Presidential Directive 7Presidential Directive 8Public Health Security and Bioterrorism Preparedness & Response ActRobinson-Patman Anti-Trust ActSafe Explosives ActSafe Harbor ActThe Occupational Safety and Health Act The Currency and Foreign Transactions Reporting ActTitle 18 - Federal Sentencing GuidelinesTrade Act of 2002US Global Anti-Corruption PolicyUS The Currency and Foreign Transactions Reporting ActUSA PATRIOT ActVoluntary Private Sector Preparedness Accreditation and Certification Program*Above information furnished by Security Executive Council
![Page 18: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/18.jpg)
Executive Orders*1
Common Name Brief Description Citation Effective Date
Website
Executive Order 12958 - Information Sharing Prescribed a uniform system for classifying, safeguarding and declassifying national security Information
EO12958 Apr. 2001 http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=1995_register&docid=fr20ap95-135.pdf
Executive Order 13224 - Doing Business w/ Terrorists
Blocks property and prohibits transactions with persons who commit, threaten to commit, or support terrorism
EO13224 Sept. 2001 http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=2001_register&docid=fr25se01-133.pdf
Executive Order 13231 - Infrastructure Protection
Establishes a protection program to safeguard information systems for critical infrastructure
EO13231 Oct. 2001 http://www.whitehouse.gov/news/orders/
Executive Order 13234 - Citizen Preparedness
Establishes a Presidential Task Force on citizen preparedness in the war on terrorism
EO13234 Nov. 2001 http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=2001_register&docid=fr15no01-130.pdf
Presidential Directive 2 Seeks to combat terrorism through Immigration Policies; creates the Foreign Terrorist Tracking Task Force
NSPD-2 Oct. 2001 http://www.whitehouse.gov/news/releases/2001/10/20011030-2.html
Presidential Directive 3 Design system to create a common vocabulary, context, and structure for ongoing national discussion about the nature of the threats to US and the appropriate measures that should be taken in response
HSPD-3 http://www.whitehouse.gov/news/releases/2002/03/print/20020312-5.html
Presidential Directive 7 Established national policy for Federal departments and agencies to identify and prioritize US critical infrastructure and key resources and to protect them against terrorist attacks
HSPD-7 Dec. 2003 http://www.whitehouse.gov/news/releases/2003/12/print/20031217-5.html
Presidential Directive 8 Established policies to strengthen preparedness of US to prevent and respond to threatened or actual terrorist attacks--requires national domestic all-hazards preparedness goal
HSPD-8 Dec. 2003 http://www.whitehouse.gov/news/releases/2003/12/print/20031217-5.html
![Page 19: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/19.jpg)
Statutes*1
Common Name Brief Description Responsible Government Effective Department Citation Date Website
Homeland Security Act (incorporated Executive Orders above)
Establishes new Department of Homeland Security, reorganization plan
Dept. of Homeland Security
H.R. 5005; Pub.L. 107-296
Nov. 2002 http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_public_laws&docid=f:publ296.107.pdf
Foreign Corrupt Practices Act (FCPA) Prohibits corrupt payments to foreign officials for the purpose of obtaining or keeping business.
Dept. of Justice 15 U.S.C. § 78dd-1, 78dd-2
1977 (amended 1998)
http://www.usdoj.gov/criminal/fraud/fcpa.html
Cyber Security Enhancement Act of 2002 Established stronger sentencing guidelines and policy statements to reflect the serious nature of certain computer crimes
Dept. of Homeland Security
6 U.S. C. § 145 Nov. 2002 http://www4.law.cornell.edu/uscode/6/145.html
Federal Anti-Tampering Act (FAT) Establishes criminal penalties for tampering, or attempting to tamper, with any consumer product that affects interstate or foreign commerce
Dept. of Health and Human Services (FDA)
18 U.S.C. § 1365
Nov. 2003 http://www4.law.cornell.edu/uscode/18/1365.html
![Page 20: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/20.jpg)
Statutes*1
Common Name Brief Description Responsible Government Department
Citation Effective Date
Website
International Emergency Economic Powers Act (IEEPA)
Incorporates multiple executive orders re: economic actions against adverse countries (Burma, Sudan, Iraq, etc.)
Dept. of Homeland Security
50 U.S.C. § 1701 et seq.
Nov. 2003 http://www4.law.cornell.edu/uscode/50/1701.html
National Information Infrastructure Protection Act Provides for stricter penalties to protect confidentiality, integrity and availability of systems and information
Dept. of Homeland Security
18 U.S.C. § 1030
Jan. 1997 http://www4.law.cornell.edu/uscode/18/1030.html
Public Health Security and Bioterrorism Preparedness & Response Act (PHSBPR)
Establishes national, state and local preparedness and response strategies, and procedures to protect US food, water, and drug supplies
Dept. of Homeland Security (DHHS)
H.R. 3448 Pub. L. 107-188
Jan. 2002 http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_public_laws&docid=f:publ188.107
USA PATRIOT Act (a.k.a. Anti-Terrorism Act) Enhances powers to both domestic law enforcement and international intelligence agencies to deter and punish terrorism
Dept. of Homeland Security
H.R. 3162Pub.L. 107-56
Oct. 2001 http://www.eff.org/Privacy/Surveillance/Terrorism/hr3162.php
![Page 21: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/21.jpg)
Statutes*1
Common Name Brief Description Responsible Government Department
Citation Effective Date
Website
Maritime Transportation Security Act of 2002 (MTSA)
Requires sectors of maritime industry to complete security assessments, develop security plans and implement security measures and procedures.
Dept. of Homeland Security (U.S. Coast Guard)
46 U.S.C. § 2101 et seq. Pub.L. 107-295
Nov. 2002 http://www4.law.cornell.edu/uscode/46/2101.html
Federal Hazardous Materials Law Establishes regulations for transport of hazardous materials via all modes
Dept. of Homeland Security (DOT)
49 U.S.C. § 5101 et seq.
Jan. 1983 (amended last in 1999)
http://www4.law.cornell.edu/uscode/49/stIIIch51.html
Trade Act of 2002 Gave the president increased authority to make it easier to trade with other countries; also sought to protect workers displaced by jobs moving abroad
Dept. of Homeland Security (Customs)
Public Law 107-210
Aug. 2002 http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_public_laws&docid=f:publ210.107
Notification and Federal Employee Anti-Discrimination and Retaliation Act (No FEAR Act)
Mandates that Federal Agencies be more accountable for violations of anti-discrimination and whistleblower protection laws
Dept. of Homeland Security
5 U.S.C. § 2302 et. seq. Pub.L. 107-174
Oct. 2003 http://www4.law.cornell.edu/uscode/5/2302.html
![Page 22: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/22.jpg)
Statutes*1
Common Name Brief Description Responsible Government Department
Citation Effective Date
Website
Customs Modernization Act (Mod Act) (Passed as part of NAFTA)
Sets out specific rules and requirements for importers, brokers, and others regarding recordkeeping
Dept. of Homeland Security (Customs)
H.R. 3450 Pub. L 103-182
Jan. 1993 http://thomas.loc.gov/cgi-bin/query/C?c103:./temp/~c103xXsW4u
Arming Pilots Against Terrorism Act (Sec. 1401 of Homeland Security Act)
Establishes a program to deputize pilots
Dept. of Homeland Security (DOT)
Pub.L 107-296 Nov. 2002 http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_public_laws&docid=f:publ296.107.pdf
Aviation and Transportation Security Act (ATSA) Established Transportation Security Association and centralized security system for the transportation industry
Dept. of Homeland Security (DOT)
S. 1447 Pub. L 107-71
Nov. 2001 http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_public_laws&docid=f:publ071.107.pdf
Safe Explosives Act (Sec. 1122 of Homeland Security Act)
*1Above information furnished by the Security Executive Council
Amended section 18 USC 842(i) by adding several categories to list of person who may not lawfully ship, transport, or receive explosives in/out of US
Dept. of Homeland Security (DOT)
PL 107-296 Nov. 2002 http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_public_laws&docid=f:publ296.107.pdf
![Page 23: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/23.jpg)
Vicarious corporate executive liability for violation of some of the criminal and environmental laws
Civil liability in money damages for tort law violations
Criminal liability for companies and employees in foreign venues for violations of international laws and regulations
Overarching federal statutes either mandate or furnish guidelines for fines and/or punishment for violation of statutes and regulations
![Page 24: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/24.jpg)
Corporate Security executives will be law enforcement and business qualified and also possess some technical security and management ability
Chief Security Officer will report to Executive Management and have complete unfettered access to the “C” suite
Corporate Security will have an enterprise component and deal with security matters in a manner business executives will understand
![Page 25: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/25.jpg)
Corporate Security plans and programs will be mostly pro-active and preventative anticipating security challenges and emergencies before they occur
Corporate Security will use the team concept and interact with all the business units and service departments to ensure cost effective corporate security policy is practically implemented company wide.
![Page 26: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/26.jpg)
Corporate Security plans and programs will have to deal with the reality of government regulation and develop innovative methods to keep current with the laws and effect compliance
Develop innovative methods to ensure security solutions are as multi-faceted as possible so that the cost and compliance components can be spread among other business units
![Page 27: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/27.jpg)
Corporate Security will re-orient its goals from strictly law enforcement objectives to ones that includes a business component e.g. provide metrics for security services that: Increase profitability Reduce costs Enhance the brand Improve customer relationships Reduce employee attrition
![Page 28: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/28.jpg)
Drug Testing Programs Employee Reduction Programs Investigative and Interview Training Background Inquiries Expatriate Mobilization Programs Workplace Violence Programs Crisis Management Programs Security Awareness Programs Domestic and Global Evacuation Programs
![Page 29: How Corporate Security Changed After 9/11](https://reader035.fdocuments.in/reader035/viewer/2022062501/56815d8d550346895dcb9ce5/html5/thumbnails/29.jpg)
QUESTIONS?