CSO Compass Awards 2010: Richard Gunthner

Law enforcement is nothing new to Richard Gunthner. At MasterCard, he is the liaison to a number of agencies, including the FBI, Secret Service, CIA and Department of State. When he was the Regional Security Manager for American Airlines, he fought terrorism, drug trafficking, human smuggling and travel documentation fraud. He is highly regarded by peers in the industry association ASIS. In every context, he emphasizes the importance of understanding security’s impact on the business.

See the full list of this year’s Compass Award winners

CSO: How has the economy impacted MasterCard’s security practices? Richard Gunthner: In this economic climate, we are all being asked to do more with a lot less, think smarter and reduce expenses. Using technology and careful negotiations with vendors, we have been able to maximize our productivity while running a very tight and lean security organization. We’ve reduced our expenses by 25% over the last couple of years. We are doing more with more resources deployed, but for less money. How do you see the CSO leadership role evolving?

We spend a lot of time performing analysis of intelligence and news feeds to attempt to predict future events. We are looking at trending and trying to learn from lessons of the past, and implement measures to mitigate risks and avoid those issues from impacting us in the future.

It’s fairly easy to respond after something bad happens, but harder to look across the horizon and connect those dots and predict what could be happening and institute procedures to mitigate those threats and avoid the impact on your company, facilities and employees.

What do you consider to be the most difficult or rewarding accomplishment of your career?

I was the regional security manager for airline operations at 53 airports in the Caribbean, Latin America and Mexico. Our biggest challenge was to keep drugs from coming into the United States via aircraft. We were not only concerned with drug-producing countries, but transshipment points as well. There is so much money behind drug trafficking that there is the potential for many people to be corrupted. Drug traffickers use very sophisticated means to hide their contraband, such as having mules swallowing large quantities of drugs, or putting drugs in the stem of a flower, or having drugs manufactured into cardboard box corrugation. It was a very difficult challenge, but one that we were very successful in combating.

If a CSO could get budget approval for one security investment, what should it be?

Invest in analysis capabilities. Have at least one analyst—or more—who can take intelligence and news feeds from around the world and analyze them. Let the analysts look at trends, at lessons from the past, and indicators of bad things to come, but most importantly, put things in local perspective: Is this a regular occurrence, or something out of the usual? Analysis allows for short- or long-term mitigation measures to be implemented.

What is the most important thing that stakeholders should understand about security, but don’t?

They need to understand that there is a lot more to security than the guards they see in front of the door when they come to work every day. We do a lot of things behind the scenes to ensure that our employees can be safe as they conduct business around the world. We also try to ensure that we do this in a customer-friendly way, with the least impact on business operations. We understand that some of our employees must travel to higher-risk countries—our focus is not to discourage that necessary business travel, but to ensure that it can be conducted in a safe manner.

For example, after the London bombings in 2005, we created the “I’m OK” system for employees to use to reach out to security after being impacted by an event. This has saved a lot of time, and it lets us hear from staff members without having to reach out to each one of them. We also use the system for our high-risk-area travelers, for them to regularly check in.

We capture all travel reservations as they are booked through our travel agencies around the world. It is a sophisticated system, where we can see what flights they are on and what hotels they are staying at. Before, if there was an event, we didn’t have a quick way to know who was there. We would reach out to travel agencies, and it would take several hours. Now it’s instantaneous. In this day and age, that’s what is necessary.

What was the response to launching the system?

We now have way more contact with our employees as they travel around the globe. Initially, we were concerned that we would be perceived as “Big Brother.” The reaction has actually been to the contrary. They are immensely appreciative that we are looking out for them while they are away from their families on business.