The disciplines of security (in general) and security management (more specifically) ought to be the most important items on the agendas of all major companies both here in the UK and, indeed, across overseas territories. If you were to extract from the equation the somewhat turbulent economic circumstances that have gripped the globe in recent times, that statement begins to hold even greater resonance.
In this day and age, threats to the corporate world emanate from myriad angles. Fraud, cyber crime, terrorism, the spectre of national disasters. The list of elements to be considered as part of ongoing risk assessment procedures is seemingly endless. Now very much part of that risk matrix, of course, is ‘the insider threat’ and the potential for reputational damage.
Companies who ignore these latter elements do so at their peril. There’s little point in them adopting a NIMBY attitude and relying on good fortune that threats will simply pass them by. It only takes one incident and a business may be rendered impotent in the short term (or, considering the worse case scenario, witness itself being eliminated altogether).
Taking all of these major factors into consideration, the mind boggles as to why security, risk and business continuity do not always sit atop the Boardroom agenda and merit the greater part of company directors’ attentions. Surely events such as 9/11 and 7/7 alone would have realised a sea change here?
With the economy picking up, it’s an ideal time for security managers to raise their game and begin to converse effectively in the language of the Boardroom. That process of engagement must be earned, though, such that security and risk professionals – and the security service per se – are able to realise their full potential.
In essence, we need to develop a service benefit language that outlines not only the ways in which security actively mitigates risk, but also how it diligently supports company and brand reputations in tandem with defined corporate objectives.
There has to be a recognition of what security actually delivers through an enhanced and clearer understanding of how it actively contributes to all central functions within a given organisation. Importantly, there must also be continual visibility of prevention tactics – not to mention other ‘unrecognised’ risk and security activities – by way of, for example, data collection and analysis.
Equally important for the sector when it comes to gaining the level of Boardroom respect it so richly deserves is the move towards an even more technically proficient and professional discipline. Thankfully, The Security Institute is taking huge strides in this regard by way of the Register of Chartered Security Professionals.
In parallel with Chartered status for The Security Institute, the Holy Grail for security management is for it to become an equal partner alongside the long-established professions – medicine, the law, accountancy, engineering and architecture.
That day will surely arrive, but there has to be a collective will from all concerned to render this coveted scenario a real world truism.
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK