Security Technology Executive

FEB-MAR 2018

Issue link: https://securitytechnologyexecutive.epubxp.com/i/956571

Contents of this Issue

Navigation

Page 18 of 61

www. SecurityInfoWatch.com • Februar y/March 2018 • SECURIT Y TECHNOLOGY E XECUTIVE 17 Step One: Be Proactive with Communication During his 20-plus years as a senior security executive, Soltis has gone through 17 acquisitions. Currently the Director of Global Security for Catalent Pharma Solu- tions, he previously served as Senior Global Corporate Security Leader for Teva Pharmaceuticals and Direc- tor of International Security for Abbott Laboratories. While the security landscape during the M&A; pro- cess has changed through the years, Soltis says the constants remain – chief among them being organiza- tional anxiety. "Communication is so crucial – silence just adds to everyone's anxiety, creating rumors and putting people on edge," Soltis explains. "Even when you don't have anything to communicate from an organizational perspective, you need to communicate something. If you are two months into an M&A; pro- cess and people don't hear anything , nothing being said is the worst message to convey." Soltis adds that it is important to have a good orga- nizational strategy in place before your team begins sharing information, and not just from the security department's perspective. "If you come out on day one and say 'we're acquiring this company and there are going to be a billion dollars in synergies,' how are you planning to achieve those synergies," Soltis asks. "Are you going to achieve them through plant con- solidation? If so, then at least have an understanding what plants are going to be affected and when those consolidations will occur." The x-factor of a successful communications strat - egy is the ability of security and risk teams to get their messages across equally to both the C- suite and the rank-and-file employees. "Communication is the absolute key in any M&A;," Soltis says. "Any M&A; can create uncertainty for emplo yees on both sides, so it is essential that you communicate the strategy and purpose early on in the process and as frequently as possible. Engagement of employees and rank and file (to the extent possible) of the integration activities will prove valuable in easing concern that they may have." Step Two: Take an Active Role in the Due Diligence Process A major part of the customary due diligence pro- cess for M&A; is establishing the assumption of risk – especially when it comes to regulatory compli- ance, security framework compatibility and the various business risks presented by the target company. "Regulatory compliance and other business risks can negatively affect the acquiring company from day one," Soltis says. "In my experience in the Pharma world, these risks are typically identi- fied in the due diligence process, but not always. The quality and depth of the due diligence are essential. Negotiating terms of the due diligence and taking time to ensure all systems and process- es are exactly what they appear to be can make a big difference in the assumed risk related to that particular acquisition," he stresses. Soltis says the acquisition of a public company can become a more robust due diligence process, with an SEC review providing more valuable information and data as opposed to a private company. "Ideally, it all comes down to trust and the relationship you have with the principals of the target company," Soltis says. " You must be able to trust but verify, and if the target company is showing some reluctance or resistance to full and complete disclosure, that may be a red flag." Step Three: Create a Cohesive Physical Security Plan Colin is also no stranger to M&A.; Colin was Direc- tor of Corporate Security for MillerCoors for a year until Molson Coors – the third-largest brewer in the world – formally converted MillerCoors into a division of the parent company in Oct. 2016. Colin also went through mergers and name changes when SBC bought Ameritech and AT&T; and settled on the AT&T; name. While at Abbott Labs, he transitioned to a spinoff company called Hospira where he was Director of Global Security, which was subsequently bought by Pfizer. "Each M&A; has been different," Colin says. " When we spun from Abbott to Hospira, we were starting a brand new company, so I got to put together a (security) organization from scratch, the way I wanted it – obviously getting buy-in from the CEO and the rest of the executive team. It was an uphill fight, but we got to where we wanted to be." Colin built a robust, centralized physical secu- rity infrastructure with an access control system at every global site. " When Pfizer came in, they had a totally different model," Colin says. "They had a game plan and playbook that they use (for acquisitions), so they took what was a centralized approach and dismantled it. There is nothing Because of the risk and security intricacies involved in a large merger or acquisition, the CSO and senior security team must assume multiple leading roles: consultant, mentor, facilitator and arbitrator. Image Courtesy of BigStock.com During his 20-plus years as a senior security executive, Scott Soltis has gone through 17 acquisitions. Currently the Director of Global Security for Catalent Pharma Solutions, he previously served as Senior Global Corporate Security Leader for Teva Pharmaceuticals and Director of International Security for Abbott Laboratories. Dan Colin, Director of Global Security at Molson Coors is no stranger to M&A; . Colin was Director of Corporate Security for MillerCoors for a year until Molson Coors – the third-largest brewer in the world – formally converted MillerCoors into a division of the parent company in Oct. 2016.

Articles in this issue

Links on this page

Archives of this issue

view archives of Security Technology Executive - FEB-MAR 2018