Securing the Future and Protecting Assets in a Digital-Physical World: A Q&A with Greg Barry

We’re living in the era of digital disruption and we need bold digital and technology leadership now more than ever before. Leading this change demands knowledge, imagination, new thinking, an appetite to reinvent and the courage to challenge conventions.

In this series, we're celebrating our team of digital and technology experts and visionaries, spearheading the development and delivery of our technology-forward solutions for smarter working, and better living in Asia Pacific and the Middle East.

Our Security Technical Director for Australia and New Zealand, Greg Barry, has worked in the field of security for over four decades. During this time, he has worked on a wide range of security projects both locally and overseas. We recently spoke with Greg about the importance of safeguarding critical infrastructure and assets in the face of the growing convergence of cyber-physical systems, the common mistakes to avoid and the significance of employee training and awareness in ensuring the security of physical and digital assets within an organization.

Hi Greg! Tell us a bit about yourself and your role at Jacobs.

One of my primary responsibilities is to guide and support the security team in Australia and New Zealand, increase awareness about the importance of security for our clients and Jacobs and ensure that we comply with local and national security licensing requirements. This involves trying to change behaviors where we underestimate the value that security can bring to a client and their project. Maintaining good physical and cybersecurity practices on any project is crucial, as any lapses in security can significantly impact our reputation. If a security incident occurs on the project, the impact will be even more severe.

How does one protect critical infrastructure and assets with the increasing convergence of cyber-physical systems?

Critical infrastructure is fundamentally no different than any other market we operate in. Sure, the clients operate unique businesses, but our fundamental approach to security is the same. The cornerstone of our delivery is to use a “risk-based approach” when designing measures to protect our clients and their assets. Early engagement with clients is key to understanding their business and risk appetite. Our engagement should begin in the master planning stage as there are considerations for security even at this very early stage. You cannot think about physical security without thinking about cybersecurity; conversely, you cannot think about cybersecurity without thinking about physical security. Almost every project will have a physical and cybersecurity element.

What are the most significant security threats and risks unique to the Asia Pacific region and how can they be addressed?

The region's most prominent security threat remains the risk of cyber-attacks. In a world where we are all so highly connected, we are all vulnerable in so many ways. The bigger concern is that the people undertaking these attacks are motivated for different reasons and they can operate from every corner of the globe. If data is the "pot of gold," you don't need to get your hands on it to own it. Our remoteness is no longer a barrier.

What are the biggest mistakes organizations can make regarding physical security and cybersecurity?

It is essential to consider physical and cyber security as a unified entity, and the measures taken to mitigate both types of risks should be coordinated. Risk evaluations should not be a one-time event. They must be regularly assessed and tested, especially when there is an increased threat level in the area.

How do you use artificial intelligence and machine learning to detect and prevent threats?

Over the course of several decades, there have been countless technologies that have been marketed as the ultimate solution to all problems. There is a very fine line between technology that is “leading edge” and “bleeding edge,” and part of our role is to evaluate technology and separate fact from fiction. We’re watching this space closely. Remember, the best technology in the world is of little value if it is not deployed properly and staff are not trained on how to use it. 

What is the role of employee training and awareness in ensuring the security of physical and digital assets in an organization?

It would be ideal if every member of an organization contributed to its security. However, only some people are naturally inclined toward this, despite receiving training. Therefore, educating employees on the basics of physical and cybersecurity is crucial. One practical approach is to adopt a strategy similar to "see something, say something." At Jacobs, this is an extension of our expectations for employees throughBeyondZero®, which is our approach to our people's health, safety and security, the protection of the environment and the resilience of Jacobs.

Tell us about an exciting project you have worked on or are working on.

Every project is exciting because it allows me to understand how clients operate, their needs and the benefits they gain from my work. Probably the most important project I have done is designing and delivering the Mobile Duress Alarm Systems in prisons throughout Western Australia and knowing that the design and performance of these systems could mean the difference between life and death for someone in the facility.

What’s been the top three memorable things working in security?

Over the years, there have been many such experiences. Here are three that come to mind:

• Delivering the security at Perth Arena (now RAC Arena).
• Walking under and over the Sydney Harbour Bridge prior to the Sydney 2000 Olympics without any anchor lines and without having to pay for the experience.
• Securing the contract to design the security for the Woodside Headquarters Building in Perth.

Can you tell us how the work you do is helping deliver solutions for our clients’ toughest challenges?

My work is closely aligned with Jacobs' approach of focusing on delivering innovative data solutions that meet the needs of our customers. By engaging closely with our customers, we’re able to identify their unique challenges and develop tailored solutions that address those challenges effectively. We’re dedicated to providing exceptional work that surpasses our clients' expectations, resulting in enduring partnerships.

What do you enjoy most about being part of #OurJacobs?

I enjoy being part of a dedicated, professional, experienced and capable team with supportive management.