O'Hara: It's significantly different. Yesterday we operated with fences, gates, guards and cameras. We were worried about people taking minor items out of the workplace. The fences, guards and gates are not as important these days for many businesses. The assets are electronic; they are built on and live on the Internet. The facility environment today is more open; employees want to come and go with their electronic access card; they don't want to be stopped by a fence or a gate. Today, they want a card in their hand and the ability to be there.
Intellectual electronic assets are much more significant. One CD could have more property on it than you might have in a whole office years ago. And yesterday they would have had to steal the entire filing cabinet to get the same amount of information that is on a single CD today.
A [digital asset/data] theft happens today, and tomorrow it [that information] is on the six o'clock news. In the electronic age that we live in, there are not many secrets out there anymore that cannot be hacked or found. The things we have in place for protection must change tonight. These hackers [who have fed Wikileaks] were able to disrupt an amazing amount of our government in a short amount of time. WikiLeaks is a wake-up call. This has been going on for a period of time all over the world; it just has become more public than ever before.
SIW: What are some of your goals as president of ASIS?
O'Hara: We are putting a strategic plan in place for the next several years. That plan gets updated every few years. In that plan, there is Women in Security, also a young professionals program and a focus on standards and guidelines. These all reflect industry changes that we have to be involved in and provide. For example, some of our members are in countries where there are no standards, where there are no training guidelines.
SIW: How does an organization like ASIS balance that and assure that each member gets the support and value out of the organization that he or she needs.
O'Hara: It really is the membership value proposition. People ask, "How come it costs $150 for membership?" For me personally it is the best use of $150 I could spend. I have access to 37,000 people around the world. I can open my directory and find someone with the expertise I need. Yesterday I reached out to fellow members in Hong Kong and Jakarta. Within a short amount of time I get an answer from other members on questions I have.
SIW: There seems to be a long-term shift in the security industry from active response security (security officers doing patrol, and empowered to chase off trespassers) to active observation (security officers just doing observe-and-report) to passive observation (video surveillance recording, remote monitoring). How do you see this transition? Is our dependence on more and more technology and less-and-less on staffed positions potentially risky?
O'Hara: To be more efficient, we have to use technology to support the traditional things we have done. If you look at ASIS Accolades [a new products showcase held during the association's annual tradeshow], it is mind-boggling the new technology you see. We have to bring our security officers along to use this technology for different kinds of monitoring. From face recognition to GPS, all these things are making our business different, but also more exciting and effective.
SIW: Managing guard forces (managing people) seems to still be the most challenging part of many a corporate security manager's position. With 30 years in the industry, surely you must have some tips and ideas on what works and what doesn't as a "people manager".
O'Hara: The selection, screening and education of security officers are key. You also need to provide a growth path for them in the organization, and then supplement their skill set with technology, and give them the opportunity to learn new skill sets.
SIW: Is the business element of being a security manager changing?
O'Hara: There's no question about that. It's actually been transitioning for several years. We are getting the business aspect of the organization into the security organization. Dealing with your company executives requires some new skills. For example, as we spend money on technology, we have to display ROI. We have to present to them what risks we are going to mitigate. We have to keep security focused on brand. A well-know brand has a lot of exposure. Personally, at Weyerhaeuser we sold security services in-house for 14 years. You have to sell those services internally well or you won't be funded. Also, the security function is going to be driven by the culture of the organization. In every security organization, you have to some sense of your value, of what you provide to the business.