The global security team
Raising awareness
Security in good shape
3
u
O)
ISI
-Q
_o
O
interests globally
out ourselves. It's now about measuring
and controlling the compliance of third
parties against our own security expecta-
tions,' explains Gaillard.
The face of Rabobank International (Rl)
is changing dramatically as a result of
acquisitions worldwide, especially the
acquisition of smaller companies that have
varying levels of maturity when it comes
to security. The fact that we are moving
towards retail banking has also consider-
ably changed the nature of security meas-
ures. We need to consider issues such as
cash handling and the public use of our
offices. All these developments bring new
challenges that we need to incorporate
into our security framework.'
RI's global security team is made up of
29 people (security officers, analysts and
administrators) who work on issues such
as security monitoring, user account
management and the creation of new
tools for security awareness. The security
officers meet once a year and the team
has developed a strong culture of net-
working. 'Generally speaking most of the
problems we face are similar from one
region to another, and a great deal can be
achieved by communicating efficiently.
What works in one region is very likely to
work in another,' says Gaillard. 'Having
said that, although there are definite
similarities, some cultures are more
aware of security than others, and more
interested, so we have to adjust the way
we communicate to our staff and that can
differ from region to region. There is also
a local legal framework and privacy issues
we have to comply with.'
The security team's real challenge,'
Gaillard continues, 'is keeping pace with
RI's expansion and bringing new people
on board, whilst developing a common
approach to security issues by exchanging
information and continuing to build the
global security culture.'
'Having a visible and definite security pres-
ence in order to deal with issues quickly
and efficiently is the key to keeping the
bank and our employees protected,'
explains Gaillard. 'But to achieve this we
also need to talk to employees, explain
the potential risks and inform them how
to avoid them. At the heart of the job are
the security officers, and it is crucial how
they live the security values and commu
nicate them to our employees. We have a
website that we use to convey information
and we have just published a leaflet that
summarises key security rules. We are also
developing a number of ad-hoc cam-
paigns in the regions, but the real issue is
raising awareness.'
Looking at security generally, Rabobank
is probably in better shape than many
larger institutions. 'We are small enough
to have an overview of a whole spectrum
of issues and to take swift action if neces-
sary. Security is about being proactive,
and putting pre-emptive measures in
place to protect the bank,' says Gaillard.
'Security best practices are well mapped
out and we know what we should be
doing to stay protected. Risks come from
the things we don't do, and that's exactly
what we have to understand and manage
in the context of our own growth, and
in a world where security is becoming
increasingly complex.'
You can find more security information on
http://security.rabobank.com
Issue 12 October 2006 The Word 27