edited.jpg

FORTUNE 500 PROBLEMS

Background:  The Overseas Security Advisory Council (OSAC), created in 1985, is responsible for promoting security cooperation between American private sector interests worldwide and the U.S. Department of State.  OSAC routinely holds meetings domestically and worldwide on issues of mutual importance.

Issue:  During one such meeting of Chief Security Officers from over 30 Fortune 500 companies, a member of our team was asked to attend at the behest of the then Director of the Diplomatic Security Service.  During the meeting, there was an issue where members wanted more comprehensive security incident reporting from the thousand corners of the world where they had interests.   Despite the extensive global security expertise in the room, there was no widely accepted proposal for how to reliably obtain such information on a global scale.

Insight:  Our team member who had spent time in both the private and public sectors, understood the real issue: every company wanted the information but no company wanted to be seen as advertising the security incidents that occurred against them.  After all, there was a delicate balance between sharing information and protecting against negative corporate publicity, which could affect shareholder value. 

However, the key to solving this puzzle also relied on shareholder value...

Strategy:  Corporations have a duty to protect against losses to people and property.  Contemporaneous with all serious security incidents are claims filed with insurance companies. To not file a claim would breach fiduciary standards of care owed to corporations by their executives.  So the data these companies wanted was out there, it was in the possession of insurance companies.  Simply put, the insurance industry has long enjoyed comprehensive crime and loss reporting from clients throughout the world. 

We presented a proposal to the audience reasoning that if OSAC stripped public identifiers (for reasons of privacy and protection from negative corporate publicity) from the reports, the data most important to OSAC members—location, date, nature of the event— could be disseminated as rapidly as OSAC desired.  Additional privacy measures were also devised.  These measures are proprietary.

Outcome:  Fortune 500 companies now had a comprehensive reporting system that balanced their need for information against negative corporate publicity. 

0 Likes