At the Frontline: Securing the Hearst Corporation

How Ted Lotti keeps one of the world's largest media companies secure

We were fortunate in that when AlliedBarton [inked a deal with Hearst] it was the first time Hearst had contracted a security company for the new building. The reason they picked AlliedBarton was because of their training abilities; it’s a big company with plenty of resources and support if needed. Since we were starting out new, I was fortunate enough to select the staff from the beginning, not like the usual where they go take over a security contract and half the officers are already there. Out of 43 (officers) in last two years, we’ve probably just had four that have moved on. Half of them are either going to college or have college degrees; I have one going to law school, I have one with a master’s; two went onto law enforcement. I believe you treat them well with respect and benefits and in return you get good work. We pay them above the industry standards, and we treat them as part of the corporation itself. Hearst is a family-owned organization and they’re a part of the family and in return they do a great job.

With so many threats company faced by companies today via the Web, how do your physical security and IT security departments interface with one another?

We have an internal IT security desk. Part of the IT staff is just dedicated for security because of production of the magazines; a lot of the magazines are going on the Internet now so they’re very weary of sabotage and hacking. I know they’re always up to date and on top of all the latest threats on the Internet.

Since the anthrax mail scare in late 2001 that targeted several politicians and media outlets, how has mailroom security changed and what types of technologies have been implemented to reduce the chances that someone could be hurt as a result of a similar type attack?

We have an intake room now that sorts everything out. We have an X-ray machine so that we have the ability to, if necessary, to check it. But the biggest thing is that we do have a screening room. Everything goes through the screening room first before it’s distributed in the building. If there is anything suspicious, we are notified and evaluate it, and of course with anything suspicious our first response is to call police.

How do you handle the various types of threats that Hearst editors and reports receive, as well as those directed specifically at Hearst Tower or any of the company's other facilities?

We try to identify where the threat came from first of all and assess the threat level. The publishers and the editors do get numerous threats via voice mail, via Internet, via letters -- and without sending off alarms or sirens we identify where the threat came from and then we assess it and take appropriate action. There are people out there just venting and just have nothing better to do. Popular Mechanics magazine that wrote a whole book which counters the theory from the group that believes the government setup the 9/11 attacks. So Popular Mechanics wrote a whole book arguing their points, and the group protested against Popular Mechanics and they’ve been getting threats on that. So we just monitor where they’re coming from.

How has the role and perception of security at corporations changed over the last 10 years?

[A company's views on security] change with everything that’s out there that presents a challenge. Security personnel have to be better trained, and much more aware of both physical presence and the damage someone can do on the Internet. Hacking and internet security programs are just as vital as being prepared to stop someone walking through the front door. So you just have to be prepared for all the different challenges that are out there.