Booz Allen Commercial delivers advanced cyber defenses to the Fortune 500 and Global 2000. We are technical practitioners and cyber-focused management consultants with unparalleled experience – we know how cyber-attacks happen and how to defend against them.
Our strategy and technology consultants have empowered our international clients with the knowledge and experience they need to build their own local resources and capabilities.
In facing challenges of modernization, our Middle East and North Africa clients have complex requirements that benefit from our proven experience in guiding major programs and projects for governments and private-sector organizations. The services we offer in UAE, Qatar, Egypt, Turkey, Kuwait, Morocco, Jordan, and other regional countries build on our consulting legacy.
Our clients call upon us to work on their hardest problems—delivering effective health care, protecting warfighters and their families, keeping our national infrastructure secure, bringing into focus the traditional boundaries between consumer products and manufacturing as those boundaries blur.
Booz Allen was founded on the notion that we could help companies succeed by bringing them expert, candid advice and an outside perspective on their business. The analysis and perspective generated by that talent can be found in the case studies and thought leadership produced by our people.
Learn more about Booz Allen's diverse culture and environment of inclusion that fosters respect and opportunity for all employees.
We've come a long way delivering innovative solutions. But our next chapter is still being written.
Our 22,600 engineers, scientists, software developers, technologists, and consultants live to solve problems that matter. We’re proud of the diversity throughout our organization, from our most junior ranks to our board of directors and leadership team.
Booz Allen takes pride in a culture that encourages and rewards the many dimensions of leadership—innovative thinking, active collaboration, and personal service. We’re particularly proud of the diversity of our Leadership Team and Board of Directors, among the most diverse in corporate America today.
Posted by Steve Senterfit on November 14, 2014
At its core, the oil industry has a very simple mission: finding and producing oil, driving value, and ultimately replacing the reserves to ensure there is more oil to come. It once was relatively easy work with plentiful options, but in recent decades it’s become increasingly complex: Oil is harder to find; it’s deeper in the earth, it’s located in more hostile environments without easy access to modern technology. Those circumstances are driving entirely new business models in the industry, involving more joint ventures, reliance on new, more complex technology and tactics, and involvement with a broader range of third parties. This major global transformation requires organizations to be able to predict, identify, and manage myriad changes nearly simultaneously to thrive.
In my conversations with clients and heard at industry events -- such as the 9th Annual API Cybersecurity Conference & Expo where our Senior Executive Advisor Mike McConnell is giving the keynote and the Abu Dhabi International Petroleum Exhibition & Conference where this year Vice President Terry Thompson is speaking about technology security challenges – there is a sense that energy companies have the fundamentals, such as technology development, cyber, IT, risk, and investment and regulation under control. But leaders tell me that what concerns them are the implications and risks related to each of these components of the business that are not being raised to the board level for a more holistic view of risk management. Here’s an example: a company may have a robust protection from Phishing attacks, but if one is successful and results in the loss of private personal or client information, that could be a crushing blow to customer relationships, and trigger regulatory issues and other impacts.
Earlier this week, Booz Allen released its annual Energy Sector Trends for 2015, which are based on our conversations with CEOs, CISOs, chief risk officers, and others in the oil and gas and utility industry, as well as on what we see in the marketplace. The trends indicate that energy companies can thrive in this new more complex environment by embracing robust analytics to help them improve operations, manage their regulatory commitments, understand their market ecosystem, improve their reputation, predict health and safety incident, and prevent excessive capital investment risk taking. This year’s trends also include what we are hearing about cyber security and elevating risk management above the C-suite.
When it comes to cyber, energy companies understand the important role they play in nations’ critical infrastructure. In some regions – especially the Middle East and North Africa – cyber threats against this sector are an issue of national security. Energy companies must put their massive amounts of data to use in protecting their multi-dimensional attack surface with proactive threat detection. In 2015, we will see the industry start to address the security of their third-party vendors and even those vendors’ vendors – a move to mitigate so-called “fourth-party vendor risk.” Our clients tell me that they also see a great need to include cyber incident response procedures as part of their highly matrixed business continuity and crisis management plans. Nations and customers are simply too dependent on the energy industry to risk a digital disruption.
Leaders also tell us that on top of their extensive planning and preparedness exercises, their CEO and board members must now have an integrated understanding of enterprise risk. We expect to see the boardroom transition from managing individual components of risk to having a more complete understanding of it. In 2015 and beyond, a complete picture of risks at the highest level will ensure that the company, and not just a department, or an asset, will be well protected.
Information sharing is another important trend. Many companies are now participating in the Oil and Gas Information Sharing and Analysis Center (ISAC), an industry group that allows companies to address external threats and manage risks as a group by sharing threat information, while keeping company private information to themselves. This approach has already been successful in the financial services industry.
It’s clearer every year that the industry’s global transformation just won’t allow reliance on old ways of doing business. While the energy sector can look to other critical infrastructures such as financial services for guidance, it is clear to me that only those organizations who embrace a holistic and cohesive approach to analytics, cyber threats, and risk management will find true, long-term competitive advantage.