Boardroom
Unisys

In the Boardroom With...
Mr. Nick Evans
Vice President and General Manager
Worldwide Enterprise Security
Unisys (NYSE: UIS)


SecurityStockWatch.com: Thanks for joining us today, Nick.  Please tell us about your background and your role at Unisys.

 Nick Evans: Thank you for the opportunity to speak with you today. We’re delighted to have been selected as part of your security stock focus. At Unisys, I lead our Enterprise Security Initiatives program which is one of our five strategic growth initiatives. The other four key areas are  Outsourcing, Real Time Infrastructure, Open Source and Microsoft solutions. In the IT services business, these are all double-digit growth areas - and areas that we believe are key offerings and enablers for client business transformation. Our primary focus is to help our  customers in both government and commercial markets to achieve the benefits of  secure business operations. My personal background includes co-founding the Internet Consulting practice at Coopers & Lybrand in the 1990s and then running the Emerging Technology practice at BearingPoint where I focused on Radio Frequency Identification (RFID) among many other disruptive technologies that can help achieve business innovation. 

SecurityStockWatch.com: Please give us an overview of the security services which Unisys offers.

Nick Evans: At Unisys, our view of enterprise security is a holistic one, with end-to-end solutions that help identify people, track and trace goods and assets, and protect information and IT systems. We strive to help clients achieve secure business operations across all these aspects of their enterprise.

We’re talking about security across people, process and technology. A secure business operation is a core vision for us along with the concept of the trusted enterprise. We believe that in today’s economy, security solutions must be thought of strategically and applied not only for risk mitigation but also for growth and innovation. This is a change in mind-set from the traditional view of security as a cost of doing business or “insurance,” merely an information protection issue. Our security solutions provide clients with visibility into all aspects of their operations so they can reduce costs, improve efficiencies and grow their business.

Unisys has more than 35,000 employees worldwide who serve key markets such as the public sector, financial services, and commercial industries. Our global footprint and breadth of security solutions include some of the world’s largest security challenges such as implementing the first electronic passport with biometrics for the Australian government and the world’s largest multipurpose smartcard for the Malaysian government. Unisys also runs the world’s largest RFID network for the U.S. Department of Defense. Our managed security centres handle some of the largest volume of real-time event monitoring to help clients security their networks more efficiently with around-the-clock protection.

Unisys offers a range of services from strategy to implementation coupled with outsourcing and managed services solutions. Our solutions include security policy and planning, security program management, security governance, and IT security operations which encompasses configuration management; vulnerability, event, and incident management; identity and access management; and business continuity planning.

SecurityStockWatch.com:  We know that various government mandates such as Sarbanes Oxley, the Customs-Trade Partnership Against Terrorism (C-TPAT), and Homeland Security Presidential Directive 12 (HSPD-12), among others, are market drivers for security solutions. Please tell us about these Government mandates and we'd appreciate your perspective on the market drivers right now for Unisys solutions.

Nick Evans: Compliance with government mandates is a key driver for security solution implementations worldwide and affects both public and private organizations. These regulations and mandates have brought the security discussion from the back office squarely into the boardroom. What’s interesting is that these regulations and mandates cover more than protecting information and IT systems. They also apply to how we track and trace goods and assets within our global supply chains and how we identify personnel accessing systems or facilities.  

For example, section 404 of SOX requires companies to have controls in place to protect against adverse, preventable events—including those within their supply chains—that could impact their value. C-TPAT requires companies to take responsibility for the security of their own supply chains. While C-TPAT is voluntary, the consensus is that it may well become mandatory in the near future. Issued in 2005, HSPD-12 aims to establish a government-wide, standardized credential for personal identity verification, or PIV, for government employees and contractors. This mandate applies to physical and logical (computer) access and is a good example of security convergence which we’ve heard so much about in recent years.

More broadly, we see compliance as one of “the five Cs” – along with communications, collaboration, complexity and competition – driven by globalization that cause organizations to improve their current levels of security and to raise their overall security posture. As they operate on the world stage, today’s businesses and governments now open themselves up more and more to  vulnerabilities that are inherent in global trade opportunities. The Internet, outsourcing and de-centralization are just some examples. Companies have become much more agile but their level of assurance, or security, hasn’t kept pace, yielding an imbalance between agility and assurance that must be closed. We’ve seen the downside of this imbalance in media headlines that have highlighted recent occurrences of identity theft, fraud, lost backup tapes, container security issues, regulatory fines and loss of consumer confidence.

Today’s businesses and governments must deal with these five forces of globalization together with increasing asymmetric threats such as acts of nature, terrorism and cybercrime. The challenge is to protect against the unexpected, the unknown and the unseen. This is why we believe visibility is such a key topic. You can’t protect what you can’t see. Having visibility into all aspects of your business operations provides a greater level of security while simultaneously improving an organization’s ability to increase its agility to respond to ever-changing market demands. We see future security implementations focused as much around enablers for growth and innovation as they are around risk mitigation and compliance.

SecurityStockWatch.com: In the U.S. government market, we understand that Unisys is involved with several high profile projects such as:

- Department of Homeland Security Managed Services Contract
- U.S. Army RFID project
- TWIC (Transportation Worker Identification Credential) and CAC (Common Access Card)
-

Without giving away any trade secrets or confidential information, can you give us an overview of Unisys role in these projects?

Nick Evans:
- Department of Homeland Security - Unisys has provided managed services for TSA since August 2002 (at which time DHS didn’t yet exist).  Under the information technology managed services (ITMS) contract, Unisys and its partners are building and managing the IT infrastructure for the nation’s 445 commercial airports, enabling screeners to do their jobs more effectively and enhance security.  While DHS plans eventually to consolidate IT operations of its 22 component agencies, it awarded Unisys a one-year “bridge” contract in December so that the company could continue its airport work and other support that it provides to DHS. 
- U.S. Army RFID project
- Unisys has worked with the U.S. Army for more than a decade, providing the U.S. military with tools and processes to track everything from weapons to supplies to medical equipment. Using RFID gives the Army real-time insight into the location and contents of every shipment, enabling a quick response to battle plan changes and ensuring the warfighter has the supplies critical to his or her mission. The network is supported by servers on three continents and 1,500 reader nodes across 25 countries.
- TWIC -
A request for information (RFI) was issued recently re:  TWIC IV (this is phase four of the program, which calls for full-scale deployment of a transportation worker identity credential).  Unisys is working on its response to the RFI.

SecurityStockWatch.com: In the International market, Unisys has recently had impressive “wins” with:
- Banorte, one of Mexico's oldest and largest financial institutions,
- Malaysia’s smart card project and
- Australian passports.
What are the Unisys solutions that have been provided in these projects?

Nick Evans: In the case of Banorte, one of Mexico’s oldest and largest financial institutions, we are helping the bank improve its fraud detection capabilities through an advanced technology solution that monitors transactions in real time and analyzes potentially suspicious patterns more intelligently across product channels throughout the bank. The Unisys Active Risk Monitoring System (ARMS) helps additional banks around the world protect their operations against identity fraud, money laundering and other security challenges.

The Unisys solution for Australian passports Australian passports uses facial recognition technology to positively identify the holder of the passport. Australia is the first country to comply with the International Civil Aviation Organization’s adoption of such technology as the worldwide standard for biometric-enhanced travel documents. Unisys helped write the standards that ultimately were included in designing the passport.  The passport delivers increased safety and expedited service to 20 million-plus Australian citizens.

The Malaysian smart card, or MyKad is a multi-purpose digital application card for all citizens over the age of 12. It consolidates drivers’ licenses and ID cards for bill payment – called ePurse; tolls parking; public transport; ATM banking; and health services into ONE card. The card also expedites activity at immigration checkpoints. MyKad cards incorporate a thumbprint, in addition to a photograph and surface information, to ensure the holder’s identity. More than 18 million cards have been issued 

SecurityStockWatch.com: Let’s turn to the commercial market. Please give our audience an overview of Unisys solutions in the commercial and financial verticals?

Nick Evans: The Unisys go-to-market approach is first driven by our industry focus. For each of our target verticals, we have highly focused security solutions and consultants with deep industry expertise to tailor offerings for our clients and the marketplace challenges and opportunities they face. For each industry served, Unisys brings the same framework of solutions to identify people, track and trace goods and assets, and protect information and IT systems but we fine-tune the solutions accordingly.  

As an example of how we tailor services to meet industry needs, our security offerings for financial institutions to identify people support the business objectives and priorities for stronger authentication to meet growing government mandates around the world, including the recent Federal Financial Institutions Examination Council (FFIEC) recommendations for two-factor authentication in online banking here in the United States.

As I mentioned, we also help banks like Banorte secure their operations against identity fraud, money laudering and cybercrime with the Unisys Active Risk Monitoring System. Unisys has help Banorte improve its capability to detect potential fraud through advanced analytics that identify, manage and reduce potential risk by mining transactions for patterns that could be suspicious, and sending immediate alerts to risk managers.

Unisys also provides financial institutions with secure web access and bill payment, enterprise-wide encryption, track and trace capabilities for physical data transport such as backup tapes, managed security services for leading banks such as Lloyds TSB, and many other areas.

One of our key offerings in the commercial marketplace is our Global Visible Commerce (GVC) solution suite. Our GVC solutions and services enable organizations to track, trace and secure goods and assets leveraging technologies, such as RFID, cellular and GPS.

Unisys GVC incorporates solutions such as in-transit visibility and security, anti-counterfeiting and electronic pedigree (pedigrees track all information about a drug or other product as it moves from the manufacturer to the point of sale), secure commerce and port security, asset tracking and management, and infrastructure management services. Our clients include Perdue Pharma, the U.S. Transportation Security Administration, General Electric, Thomasville Furniture and Mallinckrodt.

SecurityStockWatch.com: Unisys recently proposed new global identity authentication policies at the 15th World Congress on Information Technology in Austin, Texas. Can you provide some more background on the policy recommendations?

Nick Evans: Certainly. The rapid convergence of security issues among businesses, governments and consumers worldwide, combined with the growing debate around individual privacy, has created an urgent need for identity authentication standards. Validating one’s identity is something people do everyday, from logging on to computer networks, conducting online banking transactions, navigating airport security, and crossing borders, yet very little global coordination exists in identity management business practices and procedures.

The Unisys proposals represent the first attempt to create a diverse and impartial consortium that would develop standardized business procedures – not just technology standards – for worldwide identity authentication. The end goal is to create a baseline for adoptable global practices, allowing ID credentials to operate across international borders and encourage confidence and trust from organizations and individuals around the world.

 

This is a large and complex topic and will be an exciting space to continue to monitor. Our main focus is on the business processes and best practices behind identity authentication since much of the standards groundwork has already been prepared. We believe it’s an area where consumers, businesses and governments alike can all gain from further collaboration and the end result can yield improved security and privacy for consumers – it no longer has to be a tradeoff.

SecurityStockWatch.com: One will read on Unisys.com regarding the Security Leadership Institute, “Through published research on identity management and other top issues, the board will help clients see "beyond the horizon" and gain security insights that can become key factors in their long-range business strategy.”  What is the mission of the Security Leadership Institute and who is on the Board?  

Nick Evans: The mission of the Security Leadership Institute is to be an objective source of insight into emerging security issues and best practices for Unisys, our clients, and the market at large. The SLI is a working group and the members are a key asset for us in terms of validating and refining our strategic direction and working with us around the tough issues confronting the marketplace in terms of global security. The group is comprised of nationally recognized security experts from both business and government and includes prominent individuals such as:

General Michael P.C. Carns, USAF, retired - vice chairman of Privasource, Inc., a software firm that specializes in securing large, sensitive databases.

William P. Crowell - Security consultant and former deputy director of the National Security Agency.

Jim Flyzik - a partner with consulting firm Guerra, Kiviat, Flyzik and Associates, Inc., and former CIO, U.S. Department of the Treasury.

Dr. Lawrence A. Ponemon - Chairman and founder of the Ponemon Institute, dedicated to advancing ethical information and privacy management practices in business and government.

Patrick R. Schambach - Senior Vice President and General Manager e-Government and Infrastructure Solutions PEC Solutions.

Alan Wade - Central Intelligence Agency (Emeritus) Chief Information Officer.

SecurityStockWatch.com:  What resources such as case studies, webinars, and white papers, are available at www.Unisys.com for end-users? 

Nick Evans: You can find extensive materials on the corporate web site (www.unisys.com) that include white papers from our large group of security subject matter experts on a wide variety of security issues and recent research on key issues such as consumer opinions on protection and use of identity credentials that we’ve conducted in conjunction with the Ponemon Institute – a leading independent firm that specializes in privacy and security research. In fact, many of the research findings may surprise you. One of the key takeaways from our recent research was that a majority of consumers would share personal data and would consider biometrics if they knew the end user will securely protect their information and they can perceive a clear benefit in convenience gained. For a summary of the research and related security issues click here. 

SecurityStockWatch.com: Thank you very much for your time today, Nick. Is there any other subject you would like to talk about?

Nick Evans:  Thank you. I would like to conclude by commenting what an interesting, yet challenging, time we live in right now. The security of people, goods and assets, systems, processes and data have become an incredible challenge in the global and digital economy. We need to redefine security to cover all these aspects and think about secure business operations in a much more holistic manner. Supporting our clients in achieving this objective is a core competency for us at Unisys and we take it very seriously. 








Please read our Terms of Use and Disclaimer.
Unisys  is included in our Investment Guide To 350+ Security Stocks©.