Just 2 Seconds (93 page)

Read Just 2 Seconds Online

Authors: Gavin de Becker,Thomas A. Taylor,Jeff Marquart

You can take that philosophy and apply it to yourself -- you, the CSO -- in your own corporation. You can cultivate the knowledge that the issue is not how well you'll predict what's coming but rather how well you manage what does come. The confidence that you can manage what comes down the pike is what people will see when you sit down in a meeting. Nothing's going to come at me in this meeting or in this lifetime that will destabilize me or that will persuade me that I can't meet the challenge. There's a beautiful way of saying this: The anticipated may never occur, but the unexpected will always occur. Our product is to calmly manage change because change is coming.

CSO:
Your book
The Gift of Fear
explores the role of intuition in protecting one's personal safety. What do you think the role of intuition is for the CSO?

GDB:
I believe that intuition is the single greatest resource that we bring to our work. Experience without intuition is like knowledge without wisdom. Someone who's very experienced has many memories. You've heard the expression "collect your thoughts." To collect those memories and turn them into wisdom, that requires intuition, because intuition will draw on everything you ever saw, learned or experienced. And it will produce a reaction that even can be felt in the body about what feels right.

Interestingly for security professionals, the root of the word intuition,
intere,
means to guard and to protect. I think that is exactly what it can do for us when we listen. Every reader of your magazine can identify developments in their lives where intuition was a key player -- where they knew something before they knew why they knew it. That's what intuition is. It's knowing without consciously knowing why. It is getting from A to Z without stopping at all the letters on the way.

CSO:
Intuition is useful, but is it dangerous in business?

GDB:
It can be, but remember that having an intuition and exploring it does not mean that you base your decisions solely on intuition. It means you follow your intuition to its logical destination. There's a lovely quote from the filmmaker Ingmar Bergman. He says, "I throw a spear into the jungle. That is my intuition. Then I go and find it. That is my intellect." Well, I recommend precisely that. You have the intuitive feeling. Don't discount it. Explore it. If it doesn't take you to a destination you're comfortable with, you don't have to proceed.

CSO:
Do you think most CSOs have gotten where they are by intuition or by logic?

GDB:
Absolutely by intuition. Most great investigators in law enforcement and in the military, where a lot of our CSOs come from, had an intuition time and again in their careers that said, I think I'll make that phone call again; I think I'll double-check on such and such; I'm going to look back over those records. They don't know why.

People who are closed to their intuition are disabling a massive component of who they are. I tell my employees to bring their entire self to work. I
want
their intuition. That said, I believe that America as a culture tends to prefer logic. We actually will praise someone for a bad decision if they can show us the logical route that got them there, and we will criticize someone for a good decision if they claim it was entirely made on intuition. Our readers come from both the corporate security and the IT security worlds, and they are often at odds with each other.

CSO:
Do you think that may be because people with a technical background tend to have a more logical approach to their jobs?

GDB:
Yes! Technically oriented people tend to expect the world to work like a machine: You put this in and you get this out. Being open to intuition places one more in tune with the natural ways of life (living beings as opposed to mechanical things). Paradoxically, intuition is, in the natural order of things, completely logical.

CSO:
Can you cultivate intuition in other people, or can you only encourage it?

GDB:
Everybody has it. The question is: Do you listen to it? If you think of a mind as a large cast of players all wrestling for attention, intuition is one of the easier ones to silence because it's quiet. It's not like fear (which is a very loud voice) or logic (which is a very arrogant and sort of demagogic voice). It is subtle.

CSO:
And the outside voices? Whether it's a Hollywood star or a high-powered CEO, how do you handle a big ego?

GDB:
One thing I strongly recommend is to present a menu of options to your corporations or your clients, and then let them choose. You can be an advocate for one option if you want -- that's fine -- but ultimately you're bringing the client into the decision-making process.

In the corporate world, senior executives will often scurry to avoid making decisions; they want the CSO to make the decisions. But I don't give them that luxury. Americans tend to look for someone to blame later on, and I am saying to my brothers and sisters in security, don't make it you. Don't volunteer for that job. In order to do that, we need to subdue our egos adequately to accept their choice. I have seen many people fail in the CSO position by getting married to a particular option and not presenting alternatives. Thus, when that option does not yield the fruit that was expected, there's no question about whose baby it was.

CSO:
I imagine this method also helps the egos of people you're dealing with, because you're not telling them what to do.

GDB:
That's true. They're less resistant. You don't feel like you have to sell quite as strongly when they participate in the process.

 

 

 

 

 

"Make slow, careful choices about the people you include in your life -- and fast decisive choices about those you exclude from your life."

Gavin de Becker

 

 

Appendix 9

Security Firm Standards

This document is designed to guide you through an efficient and complete Due Diligence assessment when comparing or selecting providers of protective security. Rather than relying upon anyone's verbal answers, or upon brochures and references, have the firm demonstrate the truthfulness of each claim -- right then and there. For example, when a prospective service-provider claims to have undertaken a background check on an employee, ask to see the report of the background check. If the answer is, "We'll get it to you later," that might mean it doesn't exist.

Due Diligence Assessments conducted with these guidelines can usually be completed in about 90-minutes, an excellent investment of time when selecting services intended to keep people safe.

FACILITIES, SECURITY, & OPERATIONS

Arrange to visit the prospective company's offices. You might find so-called companies that have good-looking brochures or web sites don't have any viable headquarters facility. If a firm is unwilling or unable to have you visit their offices, your assessment of that firm might end right there. If they do have a facility you can visit, insist that your meeting take place at their offices. Once there, since they're proposing to manage your security, assess how they manage their own. Is there an access control system, security system, and serious security procedures? If not, your assessment of the firm might end right there. How can anyone justify advising you on security when their own security is sub-standard?

 

Circle your scoring of your first impression of the security at their facility:
0
1
2
3
4
5
6
7
8
9
10

Ask to see how client information and files are stored, and determine if all confidential files are kept behind always-locked access-controlled doors, or if they are available to any employee who might be there. If client files and records are not kept in an impressively secure way, your assessment of the firm might end right there.

 

Score your impression of how they handle their confidential files:
0
1
2
3
4
5
6
7
8
9
10

Observe if the entire environment is protected by video surveillance cameras. If so, ask if the video images are recorded.
Then, ask to see the actual recording equipment.
If they cannot show you the recording equipment, your assessment of the firm might end right there. If they do have recording capability, ask if it is backed up by recording equipment that is kept off-site (so that a fire or sabotage does not destroy the record of an intrusion). Is there constant video-recording of every person entering and leaving the facility? Is there constant video-recording of areas containing confidential files?

 

Score the quality of their facility security-video system:
0
1
2
3
4
5
6
7
8
9
10

Are the doors into the facility entry-resistant, or just regular doors?
Is the access method dual-factor?
This means, does each person entering the facility or its internally secured areas have to enter a unique access code and also use a secondary access method (access card, biometrics)?

 

Circle your scoring of their doors and access-control system:
0
1
2
3
4
5
6
7
8
9
10

Ask how they protect their computer systems and electronically stored information. Do they encrypt the hard disk on every computer and laptop so as to protect client-related data? What steps do they take to prevent hacking into their email? What steps do they take to protect their voicemail? Do they maintain their own on-site voicemail system, or merely subscribe to a phone-company service that can be hacked into?

 

Circle your scoring of how they handle their electronic information security:
0
1
2
3
4
5
6
7
8
9
10

The security systems and procedures of a qualified firm should be impressive because if selected, this firm would be housing files and information about
your
security systems and procedures. They'd also predictably be housing other highly confidential material about clients. How they handle their records is an excellent indication of how they'd handle yours.

Ideally, the firm is maintaining an environment that persuades you it is successful, thriving, professional.

Do you come away from the visit feeling the firm is substantial and robust enough to serve you well?
Will they be around next year, 3 years, 10 years?

 

Score your impression of how robust and substantial the firm is:
0
1
2
3
4
5
6
7
8
9
10

MANAGEMENT OF PERSONNEL

If they cannot impress you with their personnel recruitment, screening, training, and supervision methods, your assessment of the firm might end right there because your liability could be adversely affected by assignment of people who were not screened to an acceptable standard. The quality of their service depends upon the quality of their personnel.

While at the firm's facility, ask to see personnel files of 5 current security employees. To ensure you're able to observe random personnel files (assuming they maintain any at all), ask to see files for current employees whose last names begin with particular letters (e.g., M, S, R, L, etc). Ask to see a few minutes of videotape from one of their pre-employment interviews. If they don't videotape these interviews, ask why they don't -- and then ask to see the interviewer's notes or report on the interview. Ask to see their written standards and criteria for prospective employees, and give particular attention to health and readiness standards, if they have any.

 

When you ask to see personnel files, observe their reaction: Do they willingly get and provide the files right now, or do they stall, resist, or offer excuses?
0
1
2
3
4
5
6
7
8
9
10

Ask to see the background investigation files on those same 5 employees. The files should contain careful and easy-to-identify documentation on each of the following:

 
  1. Notes or recordings of interviews with references;
  2. Written confirmation of education;
  3. Notes or recordings of interviews with former employers;
  4. Written confirmation of military background, including discharge status;
  5. Results from searches of civil and criminal Court records, local, state, and Federal
    for all counties in which each employee resided -- be sure to check for this last point
    ;
  6. Credit history report;
  7. Driving history report;
  8. Sex Offender Registry search report;
  9. Derogatory financial filings;
  10. Social Security confirmation;
  11. Report of Internet research (chat rooms, blogs, search engines);

Every file should contain each and every one of these, and if it's clear they are not routinely doing these inquiries, ask why not.

 

Score the completeness and quality of the investigative reports, if any, in the random personnel files you review:
0
1
2
3
4
5
6
7
8
9
10

Other books

The Secret of Wildcat Swamp by Franklin W. Dixon
All the Roads That Lead From Home by Parrish, Anne Leigh
My Friend Walter by Michael Morpurgo
Precious Time by Erica James