UK's Government Secure Intranet
And the above .gov.uk disaster^Wproject is supposed to give employers confidence?
Burly bodyguards, however well armed and trained, are no longer enough to protect businesspeople on the move. Electronic threats to their privacy and security and the risk of industrial espionage can also cause problems for VIPs and businesspeople. Peter Houppermans, an experienced security consultant who helped build the UK's …
Many VIPs already have all the necessary expertise, policies and procedures in the organisations which they lead. The snag is, such people tend to believe that they are too important to listen anyone below board level and that corporate policies don't apply to them. I can't see how an external consultancy is going to have any more success in protecting these people from themselves than their in-house counterparts e.g. try telling him that he can't use the same 4 digit numeric code for all types of authentication : corporate network, corporate email, mobile phone PIN, banking PIN, etc.. - and sharing it with the secretaries.
This is exactly the frustration of internal people - knowing what *should * happen but not being able to get it "upstairs". Sometimes, an external consultant simply re-establishes that communication, or lends it the respect that the "geek from downstairs" just doesn't get.
It depends on the consultancy if they're honest enough to credit the internal people. Ethical ones do.
Secondly, those internal people usually do not travel with the VIP and only have partial sight of the actual risks. Especially for VIPs, being "out there" is 100% different from being in an office. An executive simply goes to another building to have meetings, a VIP is far more exposed as they appear in public and at events. This is where an external consultancy can help connect the office IT with needs in the field, and coach immediate support staff in risk management (anyone expecting VIPs and senior execs to change their ways is overly optimistic :-).