Closing The Gap: Increasing Corporate Investment in Security

Sir David Veness CBE QPM

Sir David Veness CBE QPM

Former Metropolitan Police Service Assistant Commissioner Sir David Veness presents a strong argument to suggest that recent developments in the sphere of international terrorism, coupled with current responses to the threats and risks posed, have duly bolstered the business case for increased corporate investment in security.

The recent presence of armed soldiers on the streets of French and Belgian cities demonstrates nothing if not changed circumstances and the novel dimensions of the challenge presently facing today’s security managers and directors.

For their part, business leaders will wish to consider the four key factors which have led to these changed conditions. First, the threat is growing faster than the response and has created a gap in security. Second, the threat and the security gap is likely to be enduring. Third, the potential impact upon business encompasses staff safety and security at home and abroad. Fourth, the changed threat and response has wide implications for business operations and thus necessitates a more integrated and comprehensive security policy.

The opportunity for business arising from these factors is to assess the need for self-help and sharpen the corporate security posture. This opportunity extends to a given business’ contribution to closing the security gap in the wider community interest. A sound beginning for the process of assessment of the need for business change is to analyse the reasons for the growing threat and duly appreciate the limitations placed upon response.

Today’s growing threat derives from geography, groups, expanding terrorist methodologies and the stated agenda of terrorist actors. In terms of space, geography applies to both real locations and the virtual realms of electronic communications. Terrorists have occupied the grey spaces to develop their activities and elude traditional counter measures. Meantime, instability within Syria, Iraq and the Yemen added to the existing predicament of Afghanistan and Pakistan plus parts of North, East and West African states provides a wider dimension of risk.

Andrew Parker, director general of the UK’s Security Service, emphasised the Syrian aspect in his compelling and incisive address to the Royal United Services Institute at Thames House in London on 8 January this year. “Outside of Iraq and Syria, we believe that since October 2013 there have been more than 20 terrorist plots either directed or provoked by extremist groups in Syria,” explained Parker.

He also reminded the audience of events in Belgium, Canada, Australia and France, adding: “We know that terrorists in Syria harbour the same ambitions towards the UK, trying to direct attacks against our country and exhorting extremists here to act independently.”

Ungoverned virtual territory

International terrorists have already made vigorous use of ungoverned virtual territory to incite violence, to plan and to train, create plenty of propaganda and communicate both overtly and secretly.

On this matter, former GCHQ director Sir David Omand has stated: “It would seem only a matter of time before neo-Jihadist terrorists acquire and use cyber attack capabilities, possibly by buying the services of criminal hackers, although so far they’ve preferred the more traditional route of explosives and guns.”

Cyber attack is entirely consistent with the stated international terrorist aim of causing economic harm and potentially significant loss to target interests. The private sector is particularly vulnerable to this development which absolutely reinforces the wisdom of an holistic approach to corporate security.

In September last year, the FBI’s Cyber Division issued a detailed advisory note to private sector industry setting out the possible reaction to ongoing airstrikes against the Islamic State in Iraq and the Levant (ISIL). The note highlighted the potential for offensive cyber terrorist and hacktivist activity. The advice was aimed at US victims, but listed examples of actual incidents in the UK. The importance of the thread of instability extends to the emergence of new groups and new forms of old groups. The result is a wider and deeper pool of terrorists. Hence the significance of ISIL and its assertion of Islamic Statehood attracting volunteers from many nations.

There’s also the forward deployment of Al-Qaeda core to Syria and the continued activities of affiliates such as Al-Qaeda in the Arabian Peninsula. Groups in North, West and East Africa – some of them with links to ISIL, Al-Qaeda or their affiliates – merely add to the complexity of sources of terrorist operatives.

The overall movement of fighters from outside the country to Syria is a major factor and numerically worrisome, particularly when compared to the numbers who fought in Afghanistan and went on to cause a global terrorist surge.

It must also be said that the implication of foreign fighters is wider than the issue of individuals simply travelling to and from Syria. The broader consequence is the danger of greater connections between potential terrorist recruits, both in their homelands and on the move, and terrorist recruiters, trainers and technical advisors in ungoverned spaces. These connections are both real and virtual.

Nature of terrorist plots

Another component of the growing threat is the very nature of terrorist plots and attacks. Terrorist methodology is expanding from the established middle ground of guns and explosives – including the deployment of suicide bombers – towards new variations at both ends of the spectrum.

At the unsophisticated tier, the use of knives and motor vehicles as weapons to be driven into crowds are advocated by terrorist agitators. In addition to regrettable casualties, public fear is to be expected, and notably so when crude attacks are carried out with such great brutality. The cumulative effect of more potential offenders, more unpredictable incidents and greater mitigating measures only adds to the burden placed upon the authorities to both Protect and Prepare.

The centre ground of guns and explosives remains a present menace with additional tactics of marauding attackers and variations in components as well as the concealment of IEDs. At the top end of the scale, terrorist innovation is a persistent dimension. Cyber attack – plus chemical, biological and radiological aspects – remains pertinent.

On 24 January this year, an airstrike near Mosul in Iraq killed a member of ISIL whom US Central Command asserted had technical competence in the production and use of chemical weapons.

The final key aspect of threat development is the expressed intention of international terrorist groups. Dire events since 2001 have underlined the wisdom of listening to and evaluating what terrorist groups actually say.

There’s a marked correlation between intended targets and actions and grim reality on the ground. A clear current example is the stated threat of retaliation aimed at members of the US-led coalition carrying out air strikes in Iraq. Terrorist groups in Iraq and Syria have expressed the ambition to strike back at coalition member states and urged their supporters to take action wherever they’re located, including the specification of potential targets and/or attack methods.

UK membership of the coalition conducting operations in Iraq (but not Syria) is based on the debate held in the House of Commons on 26 September 2014. During those discussions, issues of national interest and the safety of the British people from the ISIL threat were well articulated. The counter-terrorist case for membership of the coalition is soundly based and that membership is likely to be long-term.

Assessing the response capability

The consequences of terrorist reaction are an inevitable factor in the overall threat. The combination of extended geography (both territorial and virtual), more groups and terrorists, a broadened span of attack methods and stated terrorist intentions provides the code to understanding the changed contemporary threat of international terrorism.

This is markedly different from the threats which the UK has faced since the 1970s and business security regimes should now reflect that unwanted fact. Speaking in the House of Lords last January, Lord Evans of Weardale (former director general of the UK’s Security Service) explained: “When I left MI5 in 2013, I felt cautiously optimistic that we were over the worst as far as Al-Qaeda and Islamist terrorist attacks in this country were concerned. It seemed to me that we were making significant progress. Regrettably, subsequent events have proven that judgement to be wrong.”

This cogent analysis from one of the UK’s most knowledgeable and experienced experts becomes even more powerful when the threat review is extended to a review of response. The stark conclusion is that the threat has increased but the response capability has not kept pace. This has produced a gap at a time when the national threat level posed by terrorism is ‘Severe’ and an attack on the UK mainland is assessed as being ‘Highly likely’.

Political and economic constraints

The limited ability of nations – including those directly threatened by terrorist attacks – to address threats at their geographic or virtual sources is critical. There are political, social and economic constraints. There are also the risks of counter-productive consequences of direct action to be taken into account. This means that disruption and degradation of terrorist groups will not be swift. It will also require a sustained multi-national commitment.

On that note, US President Barack Obama has warned: “It will take time to eradicate a cancer like ISIL. Any time we take military action there are going to be risks involved.”

The Report of the House of Commons Defence Committee published on 5 February this year underlines the myriad challenges in defining and implementing strategy towards Iraq and Syria. The domestic resourcing requirements to address the growth of the threat are indeed formidable. Investment in intelligence is the logical best choice, but the demand extends across Pursue, Prevent, Protect and Prepare. For example, protective security for people and places requires intensive effort with high grade skills.

Monitoring and surveillance

Monitoring and surveillance generate comparable demands for well-trained staff. Also speaking in the House of Lords back in January this year, Lord Harris of Haringey questioned whether the budgetary allocation for the police service is adequate for the additional demand. Lord Harris also drew attention to the provision of police firearms capability.

Both the former and present director generals of the Security Service have underlined the pressing need to modernise properly accountable access to terrorist communications and mitigate the present exploitation of dark areas. There seems little doubt that this issue is a very important reason for weakness in response without any prospect of immediate resolution.

The relationship between threat and response has been graphically described in The Economist in an article entitled: ‘Counter-Terrorism: Getting harder’. The final paragraph of that article states: “The citizens of the West have grown used to the idea that their security services can protect them from the worst that might happen. Faced by a new range of threats, and with counter measures apparently of rapidly declining effectiveness, that situation may be about to change.”

The UK is extremely fortunate in having highly competent private security professionals working both within companies and for external specialist solutions providers. We have an excellent tradition of Corporate Social Responsibility in terms of business self-sufficiency, support to the public services and a valued contribution to the wider safety of the community in general.

Indeed, business-representative organisations have a very constructive track record of engagement on this agenda. There’s a unique range of innovative public-private sector joint initiatives such as the excellent Cross-Sector Safety and Security Communications scheme energised for London 2012 and, of course, Project Griffin. There may well be scope for even greater effectiveness by closer co-ordination of these elements.

Sir David Veness CBE QPM is Senior Advisor at Pilgrims Group and Honorary Professor of Terrorism Studies at the University of St Andrews in Fife, Scotland

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts