CEOs Take Closer Look At Security

Chief executives at some of America's largest corporations have become personally involved in the planning of corporate security, including their companies' IT infrastructure, since last September's terrorist attacks, according to a survey of 72 CEOs released Wednesday by the management consultancy Booz Allen Hamilton.

Nine of 10 CEOs at companies with yearly revenue of $1 billion or more have personally reviewed disaster-planning documents since Sept. 11. And, not unexpectedly, two-thirds see their companies spending more on security in the foreseeable future.

Still, Booz Allen Hamilton executives expressed surprise at the large number of CEOs who see the terrorist attacks having minimal impact on security. One-third don't expect security spending to increase, and one in five don't believe that corporate security is more important today than it was before Sept. 11.

Mark Gerencser, VP of the firm's global strategic security practice, suggests that the extraordinary nature of the calamity created unfamiliar territory for the CEOs to navigate. "Their awareness about security is increasing, but at this point in time, companies still aren't sure exactly what to do," he says. "There are no precedents, there are no benchmarks."

Among other findings of the survey, which was conducted late last year:

--Before Sept. 11, CEOs considered corporate security a midlevel concern, giving it an average rating of 6 on a scale of 1 to 10, with 10 representing the highest priority. After the attacks, the average ranking increased to 7.5.

--Nearly half of the CEOs say their companies are evaluating alternatives in case of disruptions to their supply chains, with 42% assessing their suppliers' abilities to ensure that production is safe from sabotage. That didn't surprise Booz Allen executives, who noted that U.S. businesses lost hundreds of millions of dollars as the result of the Sept. 11 attacks.

--Half the companies have chief security officers, with 90% of them in that post for two or more years. The CIO is the most likely executive to oversee security in companies that don't have security officers.

--Sixty percent of the companies increased their use of videoconferencing since Sept. 11.

--The anthrax scare caught the attention of the CEOs, with 86% expressing increased concern for mail processing. Other concerns expressed by respondents: travel, 55% of CEOs; employee protection, 79%; and infrastructure protection, 75%.