|Introduction - Thoughts and Observations from David and Vincent
We see changes every year, and from month to month and day to day. In 2016, a large number of informed event watchers and pundits spoke of what in their view were going to be the horrendous, impossible or laughable changes coming to a country near you - the US presidential election, Brexit, ever-shifting scenarios in the Middle East, even, for them, the surprising deaths of a panoply of film and music stars - yet all these happened.
It has clearly been another tumultuous year for the global economy and security challenges within all this, which seem to be more closely related than ever. In this emerging world we are seeing a shift toward nationalism, protectionism and in some countries in all regions, political movements to the right that could lead to new global dynamics.
Economic security remains the number one concern of the vast majority of the population, worldwide. It even outweighs concern for security in most polls (although polls and pollsters have certainly lost credibility with erroneous prognostications this past year). People seem increasingly fed up with politics and the status quo in different countries - and of course these too are different states of play - and are voting for change, even in the event of an increase in potentially extreme geo-political, economic and environmental upheavals.
Adding to all of this we have had the spectre of cyber warfare rearing its head further as something more than an existential threat from a more or less theoretical realm. Apart from the sensational disclosures of politically sensitive emails by ostensible Russian hacking to influence the US presidential race, there have been increasing disclosures of cyber warfare being waged by other major country players and even cyber warfare tools for sale and hire commercially for both private sector and government use (and abuse). An excellent article was written on this subject by the New York Times which articulates the emerging menace to global security - [read more]
In these turbulent times, Burrill Green and PICA have continued to step up and join forces to combine resources to fortify and integrate solutions to combat emerging threats in these increasingly unstable environments. Through a combination of developing, recruiting and training the finest talent in the world emerging from our military, intelligence, police and university environments, we embed these people inside the critical infrastructure of clients. We continue to support them with risk assessment, loss prevention, crisis planning and response contingencies. Our teams offer best-in-class services to prevent and mitigate security threats and incidents. This includes offering a turnkey product in risk assessment, cyber security, ongoing security procedures, crisis and business recovery planning and training for a virtually outsourced security function.
Further, we also act today as an outsourced security resource to force-multiply client assets anywhere in the world where "boots on the ground" are required temporarily or on a continuous basis.
One of the roles we play is to discuss the challenges of understanding, managing and mitigating uncertainties, in a proactive, not a wholly reactive sense. In 2017, changes, as usual, will continue, and again continue in many cases against wishes and expectations, however much video time or printed words are used to deny or denounce such possibilities and outcomes. In corporate security, we all need to embrace the unlikely, as well as the expected.
To this end, we continue to develop and finesse ways of supporting the security and flourishing of businesses, enterprises, human and other physical and intellectual property assets in these new and emerging contexts.
Reading below, you will see what we are working on in M&A activity and new market entries, in developing responses to both bolder and subtler attacks on legitimate enterprises, especially in cyber formats, and how we meet up with our old "friend" terrorism in new guises. You will also see how we are expanding our outstanding Security Leadership Recruitment service. Finally, we list our full range of services that have been extended - reflecting another benefit of the Burrill Green and PICA Corporation strategic alliance.
It is clear that 2017 will be a challenging year. However, it is our humble opinion that the year will bring both opportunity and risk and that those of us that prepare, plan, partner and innovate will carry the day.
We are sure 2017 will be looking to compete with 2016 for yet more dramatic headlines. Stay connected.
|Mergers, Acquisitions and New Market Entries
Are You Providing a Business Enhancing Security Input?
Is your company involved in a merger or acquisition or about to enter a new market? Are there internal or external rumours that it might be about to? Would you know if one was a glimmer of a thought in the Board/ExCom? Would the security function be involved from the outset of a merger or acquisition or new market entry project? if not, when would security be brought in to the process? Do you and your security team have the knowledge, experience and training to engage fully in such projects from the outset? Do you have the activity templates ready to provide support from concept to implementation and beyond?
It is not uncommon for the security function to be side-lined - almost forgotten, indeed actually forgotten during much of the overall process - coming in to play only when a deal has been announced. This reflects badly on the function’s credibility and visibility (if anyone cares!) and denies serious value add to the company.
Let us look at just a few aspects of importance:
Security should be represented in the project team for three reasons;
i. Ensuring the necessary confidentiality for the project (physical and cyber).
ii. Providing business security due diligence on would be partners and target companies, and on the geopolitical/crime/terror context. This may include tasking and managing the efforts of an external business intelligence provider (Yes! - they need managing as does any other external resource. Legal will be managing legal companies, Finance will be managing merchant banks and accountancy firms, Communications will be managing public affairs companies etc.).
iii. To contribute to the team’s overall cross-functional business discussions and assessments.
Security should be represented in the Implementation Team to;
i. Engage with the newly merged or acquired or created company to discuss and roll out new (often interim) organisational structures, and to agree on and promulgate policies, procedures, standards, guidelines etc.
ii. Ensure continuance of your personal and your function's credibility and visibility in the newly created entity or, if you and your function are lacking in the foregoing, seize the opportunity for a new beginning.
iii. Ensure security interests and needs are properly represented in both the cross functional and bespoke procedural methodology.
Never forget that, throughout the whole process, mergers and acquisitions generate deep emotional concerns amongst the staff of both companies, affecting their sense of personal well-being. Will they still have a job? Will working life be less pleasant? What will be the impact on existing close knit teams? etc. Generally speaking, people default to thinking the worst outcome for themselves, and there is always some distraction. These emotional concerns require careful handling and, of course, do generate risks.
This has been a greatly simplified outline of the challenges which are/should be faced by the Security function in Mergers and Acquisitions and New Market Entries. The Burrill Green hallmark that "our consultants have done it for real" as CSOs/senior security executives employed in multi-national corporations applies every bit as much in Mergers and Acquisitions, and New Market Entries.. If you feel that your company/function may need help on this topic -
Contact David Burrill here: email@example.com
|Operations, Investigations and Due Diligence
Terrorism never seems to be out of the news these days. Burrill Green advises small and medium companies, and large multinationals about the threat and, most importantly, about the counter measures which can be taken to prevent and avoid such activity before and after it takes place.
Burrill Green has recently provided a European-based company with a Technical Surveillance Counter Measures survey. The survey we carried out was straightforward and provided multi-faceted counter measures against technical attack. However, it highlighted the fact that the multinational company in question had almost no physical security measures in place; from the physical security of their offices against theft to protection of their processes from commercial espionage and their staff from terrorist attacks. Cleaning Staff were permitted access to the offices overnight without supervision and there were no plans for reaction to any sort of incident from fire to terrorist attack or natural disaster. There were no plans for protection of sensitive company information or what the company would do in the event of a member of staff being kidnapped for ransom. Are you in this position? If so, please contact us and we will provide low-cost advice to prevent at best embarrassment and at worst injury or loss of life.
Another European multinational company has received timely advice about union activity, in a developing country, harming its operations and causing damage to the company's reputation and bottom line. We provided real time reporting on threats to the company including details about senior managers who were involved in fraudulent activities. Additionally, we advised on measures the client could take to improve employee relations which had deteriorated to the point of being an unacceptable risk. This enabled the company in question to prevent further profit losses and to marginalise employees who were acting against their interests.
Another multi-national, involved in the purchase of large agricultural concerns, in a country bordering the Russian Federation, had problems protecting their interests against abuse by local court officials and politicians. Burrill Green was able to investigate the situation and to make recommendations, which prevented further losses and political and legal difficulties for the company concerned.
The strategic alliance between Burrill Green and PICA www.pica.net, our American partner, is becoming closer and more effective by the day and means that our joint capability to deal with a plethora of challenges anywhere in the world for our customers has become the equal of other much larger companies. Engaging us results in a combination of great quality of service and your budgets stretching further. For a swift, highly professional and secure response to your company's needs across a very wide risk spectrum.
Contact Geoff Gillion here: firstname.lastname@example.org
Security Leadership Recruitment ™
In cooperation with PICA Corporation, Security Leadership Recruitment ™ is being activated in North America and enhanced in countries where PICA Corporation has greater visibility than Burrill Green.
Readers of our Newsletters will have seen many accolades about and recommendations for our recruitment service. To these, a General Counsel , to whom the CSO of a major multi-national company reports, has recently observed that "You have provided me and my company with my best hire ever." This comment related to lawyers as well as security executives.
If you would prefer to recruit "best hires" rather than accept mediocrity, look upon the recruitment process as a critical investment and let us help you to build quality wherever in the world.
|Continuing Professional Development (CPD)
Corporate & Cyber Security Executive Masterclass in Spain
We are absolutely delighted to announce that Burrill Green will hold its first ever Masterclass in Spain. The Corporate & Cyber Security Executive Masterclass, conducted in English and is residential, will be held from 8 to 12 May at Campus Puente Nuevo, Gas Natural Fenosa’s wonderful training centre about one hour from Madrid.
All the extensive recreational facilities at Campus Puente Nuevo are available to those attending.
Regular readers of our newsletters will be aware that this masterclass has received outstanding accolades from those who have attended it, recognising that, in taking them out of their comfort zones and providing guidance on the most challenging business situations for security executives, it has enhanced their knowledge, their confidence and their career prospects. Many believe that it is the best security course that they have ever attended.
Please note that, to ensure the high-level tutor interface and overall interactivity, attendance on this CPD certified course is restricted to a maximum of twenty. Early application is strongly advised.
A marketing flyer will be released in early in February. To receive the flyer or to make any enquiries about this course please -
Contact Becky Burrill here: email@example.com
Burrill Green Business Security Managers' Course
The purpose of this unique, CPD certified course is to equip managers with the knowledge they need to manage the delivery of a high and consistent standard of security capability, the thorough integration of all aspects of security into other business activities and how properly business integrated security adds value.
The course, often used by country security managers or managers designate, is designed as a management skills development tool for Security Managers, including IT Security Managers, and Managers from other functions who have a secondary responsibility for security. It can be delivered in diverse ways - residential, generally for organisations, and by distance learning for both organisations and individuals.
A newly developed version of the Business Security Managers' Course, has been created to give security and intelligence analysts the knowledge and management tools and techniques required to broaden their career prospects by moving in to security management. The course tutor is Tony Judge.
The words of a former distance learning student;
"The Burrill-Green Business Security Managers' Course teaches managers how security techniques can meaningfully contribute to the achievement of business outcomes. The course instructs students in how contextual expertise and parallel consideration of functional priorities can result in more effectual business processes, cost savings and a safer workforce. I was extremely fortunate to have the course delivered by Tony, who began as my teacher and within a short period, became my mentor."
Interested in the Business Security Managers' Course?
Contact Becky Burrill here: firstname.lastname@example.org
Burrill Green Consultancy Services - Comprehensive Listing
Collaboration and convergence are key success factors in managing risks facing any organisation's people, profits and prestige. A converged or business resilience centred risk management approach recognises and addresses the interdependence of business functions, overlapping risks, integrated business processes and assets. Risk management requires a team effort integrating technical skills/expertise and business knowledge. Teams that communicate well, identify opportunities for creating value and adopt an inclusive and transparent approach are more likely to succeed than those that work in silos avoiding inclusivity and do not understand business requirements. Burrill Green over the years has perfected a converged approach towards managing risks and ensuring organisational resilience.
Through its team of experts, Burrill Green provides services that can be best termed as a "one window operation" centred around making organisations aware of their risks, advising them on mitigating these risks and supporting them in managing the fallout of risks should they materialise. Covering the entire spectrum of business resilience and security consultancy services, Burrill Green through its own in-house expertise and that available via PICA Corporation our American strategic alliance partner, helps organisations manage their resilience and security risks in a wholesome and integrated manner thereby reducing complexity, lowering costs and ensuring elimination of any blind spots in risk management.
Our services cover protection of physical and virtual organisational assets, product integrity assurance, business continuity management, incident and crisis management and associated training and awareness activities. Our services also include due diligence, analysis/provision of business intelligence, fraud detection and protection and assisting organisations implement security and resilience related standards and ensuring compliance with cyber/data protection regulations. A comprehensive list of our service offerings, together with PICA, is listed below;
IT/Information Security Lifecycle Consultancy
EU GDPR/UK Data Protection compliance audit and implementation support
ISO 27001 audit and implementation support
Payment Card Industry – Data Security Standard (PCI-DSS) compliance support
Network resilience and penetration testing
Support with Cyber security strategy, policies and processes formulation
Cyber incident response management
IT/Information security training and awareness
Internet Threat Detection. Analysis. and Mitigation
Emergency Response and Business Continuity Consultancy
Board level Crisis Management Training Workshops including crisis communication and crisis decision making training
Program setup and roll out support
ISO 22301 audit and implementation support
Incident and crisis management support including assistance with creating crisis management plans and preparedness
Product contamination/product recall support
Training and awareness of staff
Counter-Fraud Management Support
Anti-fraud program setup, roll out and audit support
Physical Security Risk Management
Security Risk assessments and provision of strategic security intelligence
Assistance with formulating security strategies, policies and solutions to protect assets and reduce the likelihood of losses from security risks
Security audits and reviews to identify gaps
Training and awareness of staff
Supply Chain Security Reviews and Technical Security Measures implementation support
Technical Surveillance Counter Measures
Business Security Intelligence
Country Risk Analysis
Employee Risk Management
Mergers & Acquisiitions and New Market Entry Intelligence Support
Third Party Risk Assessment
Intellectual Property/Brand Protection Support
Support with Track and Trace Projects
Provision of actionable intelligence
Executive Close Protection Details
Major Event Security
Security Awareness Training
Travel Security Advice
Extortion and Kidnap Support including psychological
training of staff and rehabilitation of victims.
Terrorism Threat Assessment
Anti-terrorism advice and support
Travel advice to high risk countries
Staff training and awareness
Burrill Green Security Executive Training Workshops
Bespoke workshops according to client requirements
In the first instance, to be connected to the lead consultant for any of the above -
Please contact Becky Burrill here: email@example.com