Welcome to our first annual listing of the year's Top 10 Movers & Shakers in security. In the past 12 months, remarkable numbers of security professionals have distinguished themselves, advancing education, technology and best practices in every security field. We'd like to thank everyone who submitted a nomination. It was no easy task to choose these 10, but we feel each of those chosen played a significant role in changing our industry for the better this year.
In the following list of corporate security professionals, government leaders and technology developers, we've tried to capture the spirit of our ever-changing industry. Many of our choices showed a commitment to educating their peers or customers on new security technologies. When technology advances as quickly as it has in security over the past few years, a clear voice of experience and understanding is essential. Convergence leadership is also evident in the backgrounds of many of our Top 10. Convergence will continue to grow in the coming years, and the industry is finding its guides into the New World . We've tried to recognize some of them here.
As 2006 comes to a close, look around at your security industry colleagues. Who is the most forward-thinking? Whose problem solving has made him shine? Whose active involvement in the security community has set her apart? Make a mental note. That person could be in next year's Top 10.
George W. Bush
Obviously the decisions of the President and his administration affect the country, its economy and its people, for better or worse. But President Bush's impact on the security industry has been monumental this year, so much so that we feel it boosts him from a given to a place on our top 10.
Specifically, we're talking about HSPD-12 and the resulting standards. Yes, President Bush last set his hand to Homeland Security Presidential Directive-12 in 2004, but this year, as government security users faced the directive's October 27 deadline to begin issuing compliant credentials, the industry truly felt the thunder of the mandate.
Security technology manufacturers have rushed to provide FIPS 201-compliant solutions. It seems everyone wants to be able to offer product that can make the cut, and for good reason. The Stanford Group Co., a research analysis firm, predicted in July that HSPD-12 spending would reach $1.3 billion over five years. Many of the manufacturers that have invested in reaching FIPS 201 compliance also have long arms in the private sector, and by many estimates, this will mean the private sector will begin to see some changes and benefits from the directive as well.
Since smart cards came onto the security and access control scene, consultants and security users have clamored for standards. The government has now taken steps to provide a standard for its own agencies, so why shouldn't private entities benefit from it? As Walter Hamilton, general manager of Saflink and chairman of the International Biometrics Industry Association, said in an interview with ST&D earlier this year, by buying FIPS 201-compliant products, non-government agencies can “save themselves a hell of a lot of money and ensure they're buying products that have already been vetted by the federal government in a way they couldn't possibly afford to do themselves.”
While some other industry professionals don't see the standards exploding onto the private scene, integrators surveyed by RSA Security at its April Smart Cards in Government Conference said they were getting ready for a commercial impact. More than half of the integrators surveyed (57 percent) said their firms were investing to prepare for potential revenue opportunities that may emerge if commercial organizations begin to embrace the standards. Almost one-quarter of these (22 percent) said investments exceed $1 million.
George W. Bush's historical legacy will surely include both praise and vitriol, but in security, his directive will be remembered as a major landmark.
Senior Manager, Global Security Systems, Symantec
James Connor's active involvement in industry convergence initiatives and his determination to lead by example have brought him recognition as a security convergence visionary.
Mr. Connor is responsible for the design and implementation of global strategies for technical security systems at Symantec. His more than 17-year history in security includes stints at Simplex (now SimplexGrinnell, a Tyco company) and PeopleSoft (a division of Oracle). Mr. Connor has always promoted a converged physical and IT security management approach to provide a comprehensive view of global operations.
Realizing that all facility-based physical security systems, devices and services operated in silos, he initiated a convergence program at Symantec to coordinate information maintained across the company's many departments and projects, including human resources, IT directories, building access, disaster recovery, smart cards, background checks and visitor management, under a single policy framework. This program not only increases security and information management, it saves in total cost.
Mr. Connor does not keep his ideas or experiences bottled up; he uses them to help advance convergence in the industry at large. This year he has spoken on convergence at several industry meetings, presenting before such organizations as the ISACA Silicon Valley Chapter and the San Francisco Bay Area chapter of ASIS. Mr. Connor is also on the Open Security Exchange's Convergence Council and has been assisting in the development of an OSE convergence road map.
Laurie Aaron, vice chair of the OSE and director of strategic sales for Software House/American Dynamics, said of Mr. Connor's participation, “As an active member of the Open Security Exchange Convergence Council, James plays a vital role as the organization works to define the roadmap to security convergence. James is a visionary grounded by sound business practice and backed by his willingness to execute on innovative approaches to convergence. The OSE is very fortunate to have the benefit his real-life experience and contribution to our initiatives.”
Dr. Alan Calegari
President, CEO, Dedicated Micros
Dr. Alan Calegari has never been one to let technology dictate the needs of his customers. His previous leadership roles at Siemens Building Technologies and Johnson Controls molded his philosophy of providing solutions, not just products. And since assuming the job of president and CEO of Dedicated Micros Inc. in May, Dr. Calegari has quickly integrated his business mindset into his new environment.
The first order of business at Dedicated Micros was for Calegari to implant his solutions approach and look at solving customers' problems with an integrated plan. Under his leadership, the company has established new business and technology partnerships with other industry vendors and created a strategic business model that addresses the dynamic issues facing today's security industry.
“Dr. Calegari has re-energized Dedicated Micros to elevate superior customer support and training to an even greater level,” said Mark Provinsal, DM's vice president of marketing. “Our new focus on the real-world needs of the end user is reshaping how we do business. Dr. Calegari has ignited critical parts of the business to ensure the company experience extends well beyond the purchase of a DVR.”
Dr. Calegari has recognized that the security industry is moving in the direction of identity- and event management-driven systems. His end game is to identify where his company's technology and solutions fit into this emerging sector.
To this end, the company has strengthened its engineering group to develop event management functions into its DVR product line, network archives and IP surveillance.
“In focusing engineering in that area, we soon realized that was exactly what our integrators were seeking—a manufacturer of video management solutions that was creating a bridge between the traditional applications and the rising requirements of IT departments that are deeply involved in security solutions,” said Dr. Calegari.
The whirlwind of change Dr. Calegari has brought to Dedicated Micros has increased productivity, reaffirmed corporate R&D goals and procedures, and streamlined the organizational hierarchy without downsizing. Throughout this change, one constant has remained: develop product and solutions that support event management processes by facilitating connections to sensors, intelligent devices and other protocols that transcend traditional DVR applications and technology.
CSO, City of Vancouver
Many, if not most, of the experts touting convergence today come from information technology backgrounds. Many physical security professionals continue to view convergence as something for IT to deal with, something beyond the scope of their responsibilities. Others fear it will provide a doorway for IT professionals to step in on their jobs. Physical security professionals have needed to see one of their peers—someone on their side, so to speak—addressing convergence in a positive and experienced voice.
Dave Tyson has been the man behind that voice, and he has worked hard to make himself heard. Mr. Tyson originally entered the field as a bodyguard and worked his way up the ranks, becoming a respected physical security consultant. But several years ago he realized that information technology was going to be a part of the total security picture, whether he knew anything about it or not, and he decided he'd rather know it.
With that in mind, Mr. Tyson earned an MBA with a focus on digital technology management, as well as his CISSP certification. His hard-earned knowledge of both IT and physical security helped him land the position of CSO of the city of Vancouver . Many readers who've attended conferences or read ST&D or SecurityInfoWatch.com this year will be aware of some of the tremendous benefits his expertise has brought the city. These include moving camera storage from NVRs to a storage area network, to the tune of nearly $500,000 in savings, and reducing IT policy violations by nearly 90% by cross-training security officers to look for signs of IT rule breaking.
But it's Mr. Tyson's desire to share these experiences that makes him a perfect fit for our Top 10. This year he's spoken at conference after conference to educate both physical security and IT professionals on the importance of developing what he regularly calls “a common language of risk” that will help bring together technologies and management to improve the enterprise. He was presented with AESRM's 2006 Excellence in Security Convergence Award, and he represented ASIS at a conference of the European Network and Information Security Agency in Greece last month. He will also be publishing a book next year, tentatively titled “Security Convergence & Managing Enterprise Security Risk.”
President, Lenel Systems International
An electrical engineer by trade, David Cunningham said he felt like a kid in candy store when he was named president and general manager of Lenel, part of United Technologies Corporation, Fire & Security. “When you look at the technology accomplishments that have been developed here over the years, it really is overwhelming,” admitted Cunningham, who took over the Lenel helm late in January after more than 20 years in various engineering-driven positions at UTC.
Cunningham has kept the focus on technology development since assuming his role with Lenel, but there have been other priorities as well. He stressed the need to cultivate a company-wide focus on customer service and to integrate Lenel into the UTC corporate culture.
Customer service has been a hallmark of other UTC divisions, and Cunningham brought that attention to Lenel his first month on the job. He has guided the expansion and investment in product management to improve understanding and tracking of customers' product needs. Other investments have included more order entry personnel, service account managers and international sales and service managers.
Under Cunningham's leadership, Lenel has enjoyed strong growth, capturing a diversity of new business. Lenel is securing the Panama Canal in a two-phase project that replaces the legacy system in place. The first phase has already been completed and features 340 readers and 240 cameras. Phase two will include the expansion of the canal's two additional locks with 200 more readers.
Other new projects include an integrated IP and digital video system and a robust smart card program at Columbia University in New York City , the installation of a multinational enterprise system for Compania Minera Vale Rio Doce, one of the world's largest mining conglomerates, and deployment of OnGuard Enterprise systems at both John Deere and Boeing.
“Dave has managed Lenel's transition to a UTC Fire & Security company with a deft hand, enabling the team to turn in a record-breaking year,” said Kurt Jablonski, vice president of strategy and business development at UTC Fire & Security. “His strong commitment to Lenel's partners and to aggressive international expansion complements Lenel's best-in-class technology and products.”
Vice President and CSO, Boston Scientific
In a previous life, Lynn Mattice received a special commendation from the Department of Defense citing his visionary leadership in the advancement of security education. The praise stemmed from his participation on a task force established by Presidential Order under President George H.W. Bush to develop a new National Industrial Security Program (NISP). Today, Mr. Mattice's dedication to the continuous improvement of security and security education remains strong.
As vice president and CSO for Boston Scientific—one of the world's largest medical device companies, with operations in more than 100 countries worldwide—Mr. Mattice manages all corporate security functions, business intelligence, business continuity planning and corporate aviation operations. Over his more than nine years at the company, he has developed a tailored, streamlined security organization based on outsourced staff and a strategic focus on meeting the needs of the business.
Mr. Mattice regularly shares the secrets of his success—both in Boston Scientific and the other organizations he's served in his 30-year career, including defense and intelligence, electronics, and consumer products—with other corporate security directors. This year alone he has spoken at the SecureWorld Expo, sat on the steering committee for the Sixth Annual New England Security Forum, and provided interviews or editorial support to many of the major security publications. (In fact, he's featured in another article in this issue, “Think Like a CSO.”)
He currently serves on the board of directors for the International Security Management Association and represents ISMA on the Steering Committee for the Global Congresses on Combating Counterfeiting and Piracy, a joint effort between the World Customs Organization, Interpol and the World Intellectual Property Organization. He is also Chairman Emeritus of the National Intellectual Property Law Institute in Washington D.C. and is guiding the formation of the Centre for Global Competitiveness.
“Lynn Mattice has been involved in innovative and strategic security initiatives for most of his career,” said Bob Hayes, CSO and executive director of the CSO Executive Council. “ Lynn probably managed one of the first converged security operations in the country while at Northrop in the 1980s. He continues that practice of managing converged operations to this day. His work in documenting the key security processes has continued throughout his career. He has been an early adopter and participant of numerous groundbreaking organizations in the government contracts security area, ISMA, the ASIS Best Practices Council, and now the CSO Executive Council. His leadership, enthusiasm and innovation are his hallmarks and a welcome asset for the industry.”
Co-Founder, Axis Communications
In October, network video solutions manufacturer Axis Communications celebrated the 10 th anniversary of its first network camera, the Axis 200. Since that first release, which seemed to many at the time an unnecessary, far-fetched solution, the IP market has grown in leaps and bounds. Analog still rules the coop, but IP is steadily gaining. Some analysts predict network cameras will surpass analog by 2008.
As a co-founder of Axis with with Mikael Karlsson, Martin Gren's vision has significantly impacted the security surveillance industry. He was an engineer and entrepreneur when Axis was born in 1984, and since then Mr. Gren's brainchild has become a leader in the network video market. With him at the helm serving on the board of Axis AB , Axis Communications' parent company, Axis has continued to introduce quality network video products that catch the industry's attention. Mr. Gren has had an executive and operative role in establishing many of Axis' new businesses and flagship products in Europe, Asia and the United States .
The company has won several industry accolades this year. The AXIS 214 PTZ Network Camera won the Product Achievement Award for a Digital Video Device in the 2006 ISC West New Product Showcase competition, the AXIS 225FD Fixed Dome Network Camera received both the PC PRO Recommended award and the SecuTech Award in 2006, and AXIS 212 PTZ won the Detektor International Best CCTV Product Award in September. In addition, Axis was presented Frost & Sullivan's 2006 Award for Market Penetration Leadership in network video.
Fredrik Nilsson, general manager of Axis Communications, said of Mr. Gren, “Martin has incredible enthusiasm and passion for product research and development. His ability to understand market needs, as well as technology capabilities, has enabled him to continuously invent groundbreaking products for Axis over the past 20 years.”
President, RBCS Inc.
As a security consultant and a writer, Ray Bernard has provided pivotal direction in the security and building automation industries for more than 20 years. Mr. Bernard's security consulting clients include Fortune 500 companies, international airports, sports stadiums, corporate and municipal data centers, government facilities, global enterprises, nuclear facilities, and multiple-tower high-rise buildings. Mr. Bernard most often helps clients establish security programs that include ongoing security process improvement and helps them leverage the opportunities that security convergence provides at both the technology and security management levels. He also consults informally with companies and organizations concerned about their security proposals and helps to set them on the track to successful projects.
His visionary insights into the operational aspects of security and technology enable him to identify trends at their inception. He knows that people apply technology, and that it's the people side of the equation that makes it all work. Mr. Bernard was one of the earliest voices of convergence and was the first person to identify the full spectrum of convergence and its impacts on the security industry and security professionals. That's why we at Security Technology & Design asked him three years ago to write regularly for us on the subject. Since then, he's become our trusted expert on convergence and trends.
In the past year, Mr. Bernard has ramped up his educational activity even further, both in the magazine with his monthly Convergence Q&A column, and beyond. He is a sought-after speaker for security conferences and industry briefings. This year he's spoken at numerous ASIS events, including the annual conference, numerous regional SecureWorld Expos, BuilConn 2006, CardTech-SecurTech, and other events.
This year Mr. Bernard also founded “The Security Minute” electronic newsletter, the first newsletter for security practitioners and stakeholders—the people involved in making or approving security decisions, policy, plans and expenditures.
Mark W. Farino
General Manager, Converged Secure Infrastructure, Cisco Systems Inc.
One of the most talked-about entrants into the physical security market this year was Cisco Systems, which leapt onto the scene in March with the acquisition of network video solutions provider Sy Pixx. The move was a part of Cisco's relatively new focus on developing solutions to create what they call the Intelligent Converged Environment (ICE), a framework in which the network is the intelligent foundation for new security applications. Cisco advanced that vision even further when they announced a collaboration with Assa Abloy at ASIS in September; the companies are joining their technologies to create a “networked door.”
Kevin Beaver, principal information security consultant of Principle Logic, LLC, noted that Cisco's entrance into physical security will bring positive visibility to the field. “It's one thing to have a lot of smaller players in the convergence market, but quite another to have a company like Cisco,” he said.
One of the driving forces behind Cisco's Converged Secure Infrastructure Business Unit (CSIBU), the division responsible for these physical forays, is General Manager Mark Farino. He created the CSIBU in 2004, and since then he has built a cross-functional team dedicated to designing, building, delivering and servicing solutions for TCP/IP-based physical security applications. Mr. Farino has been responsible for developing and delivering Cisco technology at different levels since he first joined Cisco in 1992 as a corporate business development manager.
“Mark Farino has been instrumental in strategizing and driving Cisco's foray into the converged security arena,” said Marthin DeBeer, vice president of Cisco's Emerging Markets & Technology Group. “He has been, and will continue to be, increasingly influential in evolving the progressive thinking and application of corporate security for businesses around the world. This evolution leverages the strengths of physical and information security in a coordinated, collaborative approach that makes corporate security more agile, efficient, and all-encompassing.”
Emeritus Faculty, Founding Member, CSO Executive Council; Principal, Business Security Advisory Group
Since he retired as CSO of Fidelity Investments in 2002, George Campbell has dedicated himself to sharing a lifetime of lessons learned in the successful leadership of security organizations. In the past four years he has acted as president and board member of the International Security Management Association (2003), as well as managing partner of the Business Security Advisory Group (BSAG). He is a frequent contributor to online and print security publications through articles, interviews and webinars. His writings have been presented this year at the SecureWorld expo, and he spoke at the 2006 CSO Perspectives Conference in California in March.
Mr. Campbell was a founding faculty member of the CSO Executive Council at its launch last year, and throughout 2006 he has used this forum to advance the understanding and use of strong security metrics to prove the business value of security programs. The Executive Council is a membership organization for leading senior security executives that focuses on developing and providing tools to help corporate security management improve their responses to business and security challenges.
This year, in partnership with the CSO Executive Council, Mr. Campbell published a book called “Measures and Metrics in Corporate Security: Communicating Business Value,” which has been purchased by security professionals in 17 countries on four continents. It is currently being evaluated by some of the nation's leading universities for use in security and homeland security degree programs.
Bob Hayes, CSO and executive director of the CSO Executive Council, said, “In his new book, not only has (Mr. Campbell) identified for the first time 375 metrics and measurements regarding all aspects of security, he is currently in the process of creating executive presentations and board-level comments on each metric. This groundbreaking work will change management's expectations of how the security industry should communicate value, while enabling security professionals to meet management's new requirements.”