From Big Data to Rich Data How Data Analytics Add Value to Security Risk Management. Patrick Hennies, Rainer Rex 15th European ASIS, 04/08/2016

Transcription

1 How Data Analytics Add Value to Security Risk Management Patrick Hennies, Rainer Rex 15th European ASIS, 04/08/2016

2 Who we are Global leading positions in consumer and industrial businesses Consumer Businesses Industrial Business Laundry & Home Care Beauty Care Adhesive Technologies 2

3 Who we are Henkel at a glance ,000 employees worldwide Active in more than 190 countries Around 18.1 bn sales, +3.0% organic sales growth 61% of our sales generated by our top 10 brands 472 locations around the world 139 years of brand success 3

4 Global Security Organization Corporate Security Fire Safety Operational Security Regional Security 4

5 Corporate Governance Segregation of Duties Headquarter Specialized Experts providing guidelines and ensuring holistic security Regions Regional Experts providing local knowledge following the framework provided by the Headquarter 5

6 Security Threats at Henkel Diverse landscape North America Regional Head of Security Corporate Security Head of Corporate Security Office Global Security Corporate Director Global Security Europe Regional Head of Security Commonwealth of Independent States Regional Head of Security Russia Area Security Manager Ukraine Area Security Manager Mexico Area Security Manager Latin America Regional Head of Security India / Middle East / Africa Regional Head of Security Greater China Area Security Manager Threat Rating Insignificant Low Colombia / Andean Area Security Manager India Area Security Manager Asia / Pacific Regional Head of Security Security Analyst China Medium High Brazil / Mercosur Area Security Manager Extreme Approx. ~200 employees, 15 nationalities in 12 locations 6

7 Global Trends Challenges for Security Management Failure of Infrastructure Social Instability Global Threats World Without Secrets Terrorism & Extremism Natural Disasters 7

8 The Challenge Separate significant from irrelevant alerts Storm Kidnapping Power outages Protests Explosions Traffic accident Tsunami Flight cancellations Crime Flooding Demonstrations 8 Strikes Earthquake Shootings Flight disruptions Blackouts Terrorist Attacks Plane Crash Bombing Pandemic Daily confrontation with a flood of alerts

9 The Response Intelligent Data Analyses Increasing number of Alerts BIG DATA 8000 Enormous data Short lifetime of information Reliability of Facts estimated Informational Warning & Critical Fast and reliable decision making is essential 9

10 The Benefits How data analytics support management communication 10

11 Big Data vs. Rich Data Monitoring and analyzing real-time data Big Data Rich Data Impressive volume, Limited value Precise and subject to rigorous quality control 11

12 Changing Security 2020 Move from reactive to proactive VOLUME Data Size VELOCITY Speed of Change VARIETY Different forms of data sources VERACITY Uncertainty of Data Develop a methodology to gain control of information! 12

13 Threat Inventory What needs to be monitored? Crime Health threats Sabotaget Extortion Embezzlementt Burglaryt Kidnappingt Natural disaster Theftt Fraud Stalking Geopolitical t threats Workplace violencet Vandalismt Assaultt Infrastructure collapse Information loss 13

14 Big Data Transformation to Rich Data Threats Data sources Intelligence services News & web monitoring Security service provider External network information Internal incident reporting Strategic concept Information aggregation Operational knowledge Security Risk Assessment 14

15 Corporate Security Define threats for each work stream Threats by activists and social unrest Natural disaster threats Crimet Infrastructure collapse Information loss and espionage threats 15

16 Implementation example: Physical Security Matching asset risk ratings and mitigation measures Pool of relevant threats Data Sources Relevant threats per work stream Algorithm Defined assets per work stream Individual asset risk ratings Pre-defined measures tailored to asset risk 16

17 Threat Management An effective framework Policies Roles Measures Auditability 17

18 Visualization What we have today Conventional risk maps Self-made charts Theft Property offenses Assault Workplace violence Vadalism Corruption 18

19 Visualization What we are looking for 19

20 Example of missing data Emergency Travel Assistance 20

21 Example of missing data Alert and trend analytics Likes, Comments and Shares Alert Feedback Source: Likes Comments Shares Incoming Alert not relevant to be monitored highly relevant Please select relevancy for your organization! Source: Source: Source: 21

22 Benefits of Rich Data What is it all about? Value-added calculation Fact based threat levels Continuous benchmarking Measures Risk adjusted prevention Enhanced forecast 22

23 Why are we here? No rich data without data exchange! 23