Today’s security threats are more sophisticated, given the use of emerging and current technologies, and pose a serious risk to the U.S. economy and national security.
That was the overwhelming consensus on Tuesday as more than 100 business leaders and government officials from throughout North Carolina assembled at the Embassy Suites in Cary for the Global S.T.A.R. (Security, Threats and Risk) Conference, hosted by the Partnership for Defense Innovation and the Defense & Security Technology Accelerator (PDI/DSTA) in Fayetteville.
The discussions centered on risk management and risk avoidance in today’s globally challenging threat environment and on business leaders’ duty to protect every asset.
"We believe our best defense against these mounting threats is for our corporate community to understand the latest threats, be educated on appropriate counter-measures and be proactive in establishing robust corporate counterintelligence programs," said Kenneth Marks, managing partner at High Rock Partners Inc. and current chairman of PDI/DSTA.
The Cumberland County non-profit served up a smorgasbord of topics with an impressive cast of subject-matter experts who volunteered their knowledge on various issues, such as insider threats, economic warfare, the state of computer hacking, U.S. import/export controls and what it all means in the real world, among many more.
The threats are real and in real time. The potential scenarios posed – and the real case studies discussed – supplied shocking information.
"Threat plus vulnerability equals risk," explained Kevin Favreau, assistant director of the Directorate of Intelligence for the FBI. "We need to focus on threat-based planning, not case-based planning. We want to take a proactive approach instead of reactive and be out in front of the threat."
Former FBI agent Chris Swecker, now Bank of America’s corporate security director, followed with a detailed snapshot of critical security measures like fraud investigations, physical security, applicant screening, due diligence investigations, executive protection and international security.
Swecker supported using predictive and preventative analytic tools and to taking an enterprise view of global risk management. He also noted the importance of increasing customer awareness.
"There are two types of people in this world – the ones who have been victims of identity theft and the ones who will be," added Swecker. "It’s critical that customers learn to protect themselves, and we need to create a fraud-proof customer through good education and awareness."
Corporate culture continues to focus most of the investment dollars and attention on external threats, although industry research confirms that internal threats are just as big a problem.
Michael Gelles, senior manager with Deloitte Consulting’s federal practice and former chief psychologist for the Naval Criminal Investigative Service (NCIS), and David Brant, director of Deloitte and former director of NCIS, explored the insider threat and the behaviors that undermine a secure work force.
"The insider threat exists within every organization," said Gelles. "We know what an insider is and what to look for, but we don’t have enough solutions to mitigate the threats."
"With 24×7 connectivity and telecommuting, the risk potential increases," added Brant. "The same kind of controls can’t be used as in the past. You need to get people engaged because the back-office infrastructure is the backbone to your business."
At the heart of each discussion throughout the day was the importance of continuing to form public/private partnerships and the tremendous value they possess.
Security threats have transformed and expanded throughout the world. Due to the complexity, there is an increasing realization that individual companies cannot fight this problem alone.
The push for cooperation between the public and private sector requires a holistic approach to form tighter relationships. Therefore, collaboration is seen as an integral part of bursting the criminal bubble rather than displacing it.
The day’s discussion led to two questions. One, how can public and private sectors trust each other more? And, two, how can more cooperation be created between government agencies? The Global S.T.A.R. Conference is the latest attempt in North Carolina to bring industry and government to the table to discuss those challenges and explore opportunities.
Partners for the conference included the FBI, N.C. Chamber of Commerce, N.C. Military Foundation, N.C. Military Business Center, North Carolina Technology Association and the BRAC Regional Task Force.
