June 24, 2009, Baltimore, Md. -- This morning at the Electronic Security Expo in Baltimore, Md., General Electric's Chief Security Officer Francis X. (Frank) Taylor discussed the role of a lead security executive for a multinational corporation. Taylor's address was the keynote presentation for the tradeshow and served as an inside view into his role, providing insights for the technology vendors, security systems integrators, alarm dealers and monitoring providers in attendance.
To understand his perspective, here's a little background on today's keynote speaker. He has 31 years of military service, rising to the rank of Brigadier General. He served with the United States State Department as Assistant Secretary of State for Diplomatic Security, and worked with the State Department on counter-terror intelligence following the 9/11 attacks. At General Electric, the parent company to the business unit we all know of as GE Security, Taylor has to protect over 300,000 GE employees worldwide, making the firm's operations roughly equivalent to the size of the United States Air Force. He faces security challenges drawn from having thousands of individual facilities as well as operations in over 100 nations around the world. He has a company reputation and livelihood to protect; General Electric is the only company that has been continually listed on the Dow Jones Index since that index was established. Taylor joined General Electric in March 2005.
In the span of about an hour, Taylor covered a lot of ground, so for the sake of brevity, I'm going to boil it down to some key points he made, but if you ever get a chance, make sure to hang on the every word of chief security officer for a multinational corporation (MNC). There is a lot to be learned.
The CSO position of today has evolved beyond response to threats. Taylor stressed that his main strategy has to be the anticipation of risks. "There is nothing impossible in today's world in terms of a threat to our nation and our people. In our business, things we couldn't image do happen," said Taylor.
While his duties don't include IT security for GE (those duties fall to the CIO at General Electric), Taylor said that, "Your customers are going to be more literate than ever about information security. They will ask your technicians about hackers and how your physical security systems are defended against their efforts." At GE, the security team works with IT closely. Those ties are manifested in employee investigations but also in areas like protection of intellectual property.
Taylor advises CSOs to deeply study previous threats to anticipate upcoming threats. Taylor pointed to what the company learned about how it was affected by the avian flu and said that knowledge played directly into how well they have been able to respond to swine flu.
Terrorists are strategically targeting multinational corporations. The fact is, said Taylor, that most corporations' facilities around the world are less protected than embassies and government facilities. That makes them crimes of opportunity, whether it's a hotel owned by an MNC, or an oil refinery. He clicked through news clips of terrorist incidents around the world to prove this point. The embassy is no longer the sole target.
The global CSO needs to have a depth of global experience, but he or she needs to put people in place with local experience, said Taylor, citing the example of a recent GE hire from Egypt who brought a wealth of local, cultural knowledge to the security table.
Travel security is a bigger issue than ever. Before his time, said Taylor, it could have taken weeks for a large corporation to know whether any of its employees were affected by a natural disaster or a terrorist event. Today he knows within minutes.
If you're a CSO working at a global level, you need daily intelligence on global instability issues. "You can't do security today unless you are globally aware of the world issues that could affect your company," said Taylor.