Inside OSAC's Race Against Terrorism

The Overseas Security Advisory Council (OSAC) was set up to forge better cooperation between the public and private sector in the event of an attack like the recent Marriott bombing in Pakistan. In this Q&A, OSAC member and Honeywell security chief John McClurg explains how it all works.

Last weekend's bombing of the Marriott Hotel in Pakistan is the type of incident the Overseas Security Advisory Council (OSAC) was set up to deal with. Specifically, its goal is to keep such events from happening in the first place and, if necessary, help those affected by terrorist acts to bounce back quickly.

To do that, this federal advisory council works to promote security cooperation between American business and private sector interests across the globe. Participating in these activities is John McClurg, vice president of global security for Honeywell International. Honeywell is an OSAC member organization along with such business giants as CIGNA, Boeing, FedEx and Raytheon, and McClurg chairs a subcommittee designed to ensure that critical information is delivered in as many media formats as possible.

In this Q&A, McClurg explains how the organization works and how it can help corporations prevent or at least weather the next attack.

CSO: For those unfamiliar with OSAC, describe its history and main goals.

John McClurg: It's one of the longest-running and most successful private-public partnerships in existence. It started in the 1980s during the administration of (U.S. Secretary of State) George Schultz during a critical time when this kind of cooperation was rare.

Fast-forward to 2008: We recently observed the seventh anniversary of 9-11. With that in mind, what's the main security concern of OSAC these days?

McClurg: The center at all times for us is to ensure a proper apprehension of the validated threats that are poised to strike against U.S. corporations functioning in the global marketplace. Wrapping our arms around that ever-changing dynamic threat profile in a way that's meaningful and actionable for U.S. corporations is at the heart of the whole exercise. The growing analytic staff at the heart of the OSAC mission is geared toward that, effectively linking up with the private sector to help filter and pinpoint trends and be a source in which constituents can prepare for whatever may be coming down the pike.

Describe the specific ways in which member organizations work together.

McClurg: There are a variety of ways we work together. At one end of the spectrum is the collaboration and networking that takes place at our annual November briefing in Washington D.C. We sit and listen to reports and establish dialogues with different organizations that can best collaborate. We also rely on more than 100 country councils around the globe that are tied into OSAC. They are associated and linked to various embassies and hold regular meetings where concerns and best practices for specific local issues can be traded between members. Then there's the website, where a lot of threat information flows in on a real-time basis to our members. Of our three main committees, one is focused on that kind of content. Then there's a committee tasked with keeping up on and growing membership, then my committee is tasked with making sure all our information is delivered in effective ways, be it news articles or podcasts.

Of all the trends taking shape, which ones should businesses be most concerned about right now?

McClurg: There's always the potential for new terrorist attacks, and when an event unfolds members need access to the most up-to-date, real-time information possible. That's always the biggest concern.

Does OSAC hold any extra awareness activities around certain anniversaries like 9-11?

McClurg: The occurrence of an anniversary doesn't really affect us, since a heightened state of security has been the constant since 9-11. What was a higher state of vigilance 10 years ago is just the norm today. But there is more heightened activity whenever there are high-profile events taking place.

Such as? security activity around the Olympics. OSAC was a great resource for corporations that either hosted customers at the Olympics or sponsored events. With events like this, we certainly appreciate the fact that terrorists like to try things, as we saw during the 1972 Olympics in Munich.

McClurg: There was a lot of

Can you talk about security at Honeywell and how it relates to the best practices OSAC tries to share with its members?

McClurg: The reason OSAC resonates so well with Honeywell is that we as an organization pride ourselves in being a threat-based organization. There are real threats and theoretical threats and when deploying your security resources you want to be sure you're focusing on your most valuable assets and that you are being responsive to the real validated threats. To do that you have to have good data coming in. OSAC has a very analytical core and members need to constantly check in with analysts in various parts of the world. In some cases, companies that are able to use OSAC's analytical resources can be saved from having to pay for the same resources in-house.

Copyright © 2008 IDG Communications, Inc.

22 cybersecurity myths organizations need to stop believing in 2022