In Depth

Graham Kee: The Mediator

To get the job done at a major seaport, Graham Kee convinces dozens of competing stakeholders that collaborating on security helps everyone succeed

By Sarah D. Scalet

June 01, 2005CSO — The thin, white card that Graham Kee keeps in his wallet doesn't look like anything special. Roughly the size of a credit card, it displays his picture and name, along with the logo for the Port of Vancouver, an identification number and an expiration date. Yet the card carries much more meaning than its flimsy weight suggests.

In 1997, when Kee took over as CSO for the Port of Vancouver, there were plans in place for not one kind of ID card but several. In fact, there might have been dozens if each of the port's 27 terminal operators had created its own system. Somehow though, Kee, an unassuming sailor from small-town New Brunswick, Canada, drew together the port community's 23,000 diverse membersfrom longshoremen to law enforcement, from truckers to union bosses, from tugboat operators to government regulators to 160 port authority employeesto develop a standard smart card system now used to access all the different areas of the 160,000-acre port.

The standard ID card didn't happen because the port authority had a lot of money to throw around. (Until recently, the Canadian government could not give security grants to its ports.) It didn't happen because the groups involved had a history of smooth relations. (When Kee started, the longshoremen's unionlong linked in Canadians' minds with organized crimeand law enforcement officers could hardly bear to be in the same room.)

No, observers say that the cards came about because of Kee's polite insistence on asking, not telling, the port community about the best ways to improve security and business efficiency, and then building a system that incorporated that feedback. This method of simultaneously building trust and influence is the same one that Kee brings to his next big challenge: getting union bosses to accept a new background checks mandate.

"Graham has taken an inclusive approach to security rather than a dictatorial approach, and I think that's largely why we've succeeded," says Onkar Athwal, vice president of operations at the British Columbia Maritime Employers Association, which represents ship owners, wharf operators (including container terminals) and stevedores for Canada's West Coast. "If I tell him, Graham, I don't like that. It doesn't work,' he says, What else can we do?'"

Kee, for his part, credits to the organizations he brought together. "I think I get [my approach] from working in small towns," says Kee, 48, sitting in his office on Vancouver's waterfront. Behind him, a spring rain is beating down on the port, but business is humming. Seaplanes land, lumber is hauled in, oil is pumped onto ships, and trailer-trucks and trains carry off loaded containers headed inland. This hubbub is Kee's adopted community.

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Data Center Directions Virtual Conference

Data Center VCAttend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WEBCAST
The Surest Path to Effective and Efficient Compliance

VeriSignIn this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.

» View the webcast

Featured Sponsors
Sponsored Links

Think your data is safe? Think again. It's time to Outthink the Threat. Get eBook now

Configuration Audit and Control for Virtualized Environments

Enabling Compliance with Converged Mainframe Security and Storage

Diebold: Frost & Sullivan Global Physical Security Systems Integrator of the Year

Ponemon Study: How Much Does a Data Breach "Cost"?

Data Protection: Challenges for the Traveling User

Key strategies for C-level executives and security staff

Configuration Assessment: Choosing the Right Solution

The PCI Data Security Standard

Configuration Audit and Control for Virtualized Environments

7 Requirements of Data Loss Prevention

Information Security: Data Drains and How to Prevent Loss

How Are Open Source Development Communities Embracing Security Best Practices?

IDC Defines an Identity and Access Management Submarket

Using Likewise to Comply with PCI Data Security Standard

IDC Defines an Identity and Access Management Submarket for Managing Privileged User Accounts and Meeting GRC Requirements

The Case for Business Software Assurance ~ Securing Your Applications

Forrester Total Economic Impact (TEI) report: Save Millions in Fraud Losses.

Learn how the new Quad-Core AMD Opteron™ processor improves performance

Rolling the dice with your security? Take the Self-Assessment Test now

Take our CSO role survey and receive a copy of the results

Prepare for (ISC)2® Certification With Villanova - Online

Revolutionizing Endpoint Security with a Single Agent

Envision Identity-Based Access Control for the Datacenter

IT Service Management: Metrics That Matter

ITCi White Paper: Challenges and Opportunities of PCI

Effective Security with a Continuous Approach to ISO 27001 Compliance

E-LOAN Maintains Reputation as a Privacy Leader with Symantec

Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands

Prudential Financial Protects its Brand with Symantec

Envision Identity-Based Access Control for the Datacenter

Digital Identity Protection and Data Security Get Personal

Welcome to the age of Service-Oriented Security (SOS)

Everything Today's CISO Needs to Know About Using SSO to Succeed in the Web 2.0 Era

Solving Online Credit Fraud Using Device Reputation