With over 30 years of experience in providing physical security and risk management programs to the U.S. Department of Defense, Department of Energy and several large international companies, I’m certainly not a neophyte when it comes to safeguarding assets. When I joined Citrix three years ago in the Global Security Risk Services group, I was eager to bring my expertise to the table.
Back then my team included 3 people, based in our Florida HQ location and Europe. Our mission was primarily to safeguard our employees, whether working in a Citrix office location, working remotely or traveling. We leveraged publicly available weather data from a variety of reliable sources including NOAA, NWS and USGS so that we could try to stay ahead of natural disaster threats that could harm our employees. We didn’t have a GSOC or any formal Command Center at the time, rather we were a dedicated team doing labor-intensive data scrubbing and capturing that in spreadsheets.
While this information was helpful, it was also plentiful, too plentiful. Trying to find the proverbial ‘needle in a haystack’ was often the case as my team reviewed the volumes of hazard data and tried to determine what the risk was to Citrix personnel. We even supplemented the scientific data with local media to try to further ascertain what the ‘local effect’ might be in a given area.
To aid us, we found a free app from the Pacific Disaster Center called Disaster Alert which was very helpful. It ingests nat cat data from reliable sources (referenced above) and curates algorithmically so that we could quickly see what active hazards existed worldwide, and where possible (e.g. hurricanes, winter storms, floods), what the forecasts were. This technology proved to us that having accurate optics on natural disasters globally and being able to proactively respond to those were paramount in protecting our employees. We learned that we needed this timely information and more.
Over the years my team expanded to align with our company’s overarching goal of ‘Organizational Resilience’ where three functional groups are the critical underpinnings of achieving Resilience at Citrix:
- Risk Management
- Incident Management
- Business Continuity
We built two GSOCs on different continents to support our corporate directive of ensuring our employees are kept out of harm’s way and our business continues to run with minimal disruption. We do that now for both natural disasters and geopolitical threats like civil unrest, terrorism, active shooter, etc. globally. We use a tool called DisasterAWARE Enterprise™ which has been a game-changer for enabling our company to achieve maximum organizational resilience.
It’s an exciting time to be in the Global Security Risk Services business. How about you? What does your journey look like?