Rich Mason
VP, Honeywell Global Security, Honeywell
Honeywell is a Fortune 100 diversified technology and manufacturing leader, serving customers worldwide with aerospace products and services; control technologies for buildings, homes and industry; turbochargers; and performance materials. With such diversity of opportunity at Honeywell, having the right controls and security in place is critical to long-term success.
Rich Mason, VP of Honeywell Global Security, sees beyond the sheer size and challenges of managing security operations at a large diversified company and has embraced and capitalized upon Honeywell’s unique security challenges and business opportunities. “Working for Honeywell means you will never get bored, as the environment is so diverse,” Mason says. “Risk management is an iterative, dynamic negotiation. It requires good relationship management, marketing and a good awareness of business objectives and risk tolerances and is a perfect function by which to explore all of the other key functions in a global business.”
“What makes this job interesting is that we’re very diverse in terms of our risk tolerance,” Mason adds. “I have to deal with different ends of the spectrum: one that wants flexibility and another that is grounded in significant regulatory requirements, like Defense, that aren’t willing to go as fast or aggressive. We don’t have a ‘one size fits all’ approach. Security is very much a dialogue. Our security team consists of businesspeople, consultants and advocates. That’s what makes us unique and successful.”
Honeywell is also a Six Sigma enterprise, a set of techniques and tools for process improvement developed by Motorola in 1986. Six Sigma seeks to improve the quality of process outputs by identifying and removing the causes of defects (errors) and minimizing variability in manufacturing and business processes. Each Six Sigma project carried out within an organization follows a defined sequence of steps and has quantified value targets, for example, reducing costs. That process helps security’s role at Honeywell, Mason says, because defects – with security, it’s risk– is managed very carefully. “We look for repeatable process, and we try to eliminate defects and waste,” Mason says. “I am constantly tracking failure modes and working on solutions to ensure those issues don’t arise again. Through our leadership we’ve built an environment that is continuously improving. We’re not comfortable just reporting the weather; we’re actively changing it.”
However, the challenge with managing risk with a Six Sigma environment, Mason says, is the risk to become complacent. “One campaign for us right now is resilience. I think too many security organizations are getting caught in the trap of saying compliance is good enough to manage risk. Some will say: ‘If I’m ISO certified and if I have my government certification, I’m secure.’ And I like to push back on folks and say that’s minimum security. Let’s not confuse that with resilience. Resilience is this concept of no matter what gets thrown at us we can minimize the impact, we can get up quickly, we can learn from it and we can continuously improve. The only way to do that is when security is integrated, when it is built in, not bolted on.”
Mason’s professional background is both physical and cybersecurity, with previous security positions before being named Honeywell’s first Chief Information Security Officer for the Aerospace division, and then taking on the CSO role.
His cyber background has proven useful in his CSO role at Honeywell as he has responsibility over cyber, physical and industrial security, which covers managing employee and facility government clearances. A CSO for each of Honeywell’s major lines of businesses report to him. Mason reports to Honeywell’s General Counsel.
Honeywell has developed Security Centers of Excellence where all standard work, such as training, managing employees’ clearances, facility clearances, lining up audits and pre-audits and inspections, gets managed. “It also trains our security team on being better business people. I think that’s what is changing in the security environment. It is taking pure play security folks and up-armoring them with marketing skills, with procurement skills and engineering skills, and overall, creating well-rounded business professionals.”
Overall, security’s mission is “about people,” Mason adds. “Any successful organization needs to advance in all three domains of people, process and technology. But it starts with good people to advance the latter. At Honeywell people are our ultimate differentiator. We have skilled, motivated people that embrace change and are constantly looking for ways to improve and increase their productivity through new tools and standardized work. That’s what makes us valuable partners to the Leadership team,” says Mason.
At the end of the day, what also defines Mason’s success, he says is “doing meaningful work. Protecting Honeywell and national security interests in the chemical, aerospace, defense, process control, manufacturing and technology sectors are very rewarding.”
Security Scorecard
Annual Revenue: $39 Billion
Security Budget: Confidential
Critical Issues
High Growth Regions
Cyber Resiliency
Governance Risk and Compliance
Security Mission
Asset Protection/Theft
Business Expansion Support
Cybersecurity
Drug and Alcohol Testing
Employee Travel
Enterprise Resilience
Loss Prevention/Asset Protection of goods for resale
Risk Management Planning
Supply Chain
Supporting Business Growth
Terrorism
Weather
Workplace Violence