Understanding the role of a 21st century corporate security & risk manager

Understanding the Role of a 21st Century Corporate Security & Risk Manager

A brief comparison of the role of a Security and Risk Manager in the 21 ^st century as opposed to that of the 20 ^th century I believe helps us to justify the study of risk, crisis and disaster management regardless of the fact that we now have more advanced warning systems, safer infrastructure and better coping mechanisms. This is because when comparing twenty-first century crises with those of the twentieth century I note that many of the triggers are the same for example, adverse weather, terrorism, and disease. However, Security and Risk Managers of today are facing new challenges because there is now exposure to new risks bringing increased likelihood of crises occurring, the complexity and consequences of crisis events require different and a more flexible approach to crisis management. Today we are more populated, integrated and interconnected, disease is spread more easily as the population travels more frequently to more global destinations, effects of climate change are increasing, terrorists are more advanced and unpredictable with their attacks, and we are increasingly reliant on power and technology, which has opened us up to a world of cyber-crime and data breaches. 21 ^st century Security and Crisis Managers have to consider modern day crises to involve:

•         Multiple failures

•         Cascading consequences

•         Trans-boundary

•         Multi-jurisdictional

•         Catastrophic infrastructural failures

•         No clear solution

•         No model of response

•         Non-recoverable

•         No single point of responsibility.

The ability to plan for crisis events has advanced from being able to foresee crises and understand emerged patterns to tackling the complex nature of modern crises. ‘ Unbelievable”, “ unthinkable”, “ inconceivable” the 21st century opens a new era in the field of risk and crisis management. Recent crises, including the unconventional “ 9/11” terrorist attacks, swift world-wide contamination by the SARS virus, continental blackouts which can occur within the space of a few seconds, the continent-wide effects of a tsunami in unstable geopolitical zones, all seem to differ fundamentally from the seminal cases which gave birth to crisis management studies in the 80s – the tampering of Tylenol being the founding stone of the discipline. The trend seems to be accelerating, so that crises today are increasingly global, intertwined and “ non text-book” events’ (Lagadec, 2005, p. 3)

Using terrorism as an example, traditional ‘ old style attacks’ tended to be single event attacks on buildings and infrastructure, the IRA attack on Manchester Arndale Centre in 1996 is an example of this. Risk and Security Managers were able to plan and prepare an effective response for attacks such as this. However, the more modern attacks or ‘ new style attacks’ are intended for maximum disruption and casualties, they are multi-team, series of attacks such as the Mumbai terrorist attacks in 2008. This more complex style of attack demands Security and Risk Managers to develop more flexible strategies for responding to these types of threat. 21 ^st century Security and Risk Managers need to learn from past events, but also consider what future events will look like.

The Business Continuity Institute Horizon scan report 2017 finds that the top 3 concerns are cyber-attack, data breach and Unplanned IT and telecom outages – all technology based concerns which goes to show our heavy reliance on technology but the risks involved in becoming more technologically advanced and dependant. There has been significant technological advancements since the twentieth century, which is now embedded into everyday life. Security and Risk Managers can take advantage of these technological tools in crisis management, for example they can use technological communications to send and receive important information in real-time. Technology also provides strategy options such as remote working for staff in the event of a crisis within their organisations. However, with technological equipment brings new challenges and the need to consider the risk that the organisation may become exposed to such as hacking and data breaches. For twentieth century Security and Risk Managers, the online world was only just emerging and the means of communicating important information were more challenging and time consuming, local television, radio and newspapers were the media sources and reached a smaller audience in a longer timeframe when compared with that of modern day social media. Now Security and Risk Managers have the ability to send out information in real time during a crisis event, making it easier to control that information. However, Security and Risk Managers need to have considered the need for communications teams to have appropriate press releases ready to deliver in a timely manner to help to avoid any reputational impact to the organisation. The United Airlines PR disaster 2017 is an example of how mishandling the situation, incorrect information and mistakes made in statements can have catastrophic and long term consequences for the reputation of the organisation due to the power of social media and wide reaching audiences in an instance. The way in which an incident or crisis is managed is often remembered and can in some cases be beneficial to the organisation if handled well, which is another reason for the continued study of risk, crisis and disaster management.

‘ The future will see an increasing number of disasters and crises that highlight in a very concrete and tangible manner the obsolescence of national borders.’ (Uriel Rosenthal, 2001, p. 12) ‘ As business environments change and grow increasingly complex, it is particularly important that leaders develop a set of skills that will help them prevent and effectively respond to crisis and other strategic issues (Wooten & James, 2008, p. 4) as cited in Garcia, 2006; Mitroff, 2005. Communication before, during and following crisis situations is and has always been one of the most important factors in crisis management for Security and Risk managers of the past and the present. The recognition of the need to develop skills, to build relationships and collaborate with others in similar roles in external organisations and partner agencies to build trust, share information and put into place mutual aid agreements where possible. Forming a network of people who can assist in times of crises. Establishing known roles and responsibilities in a command structure but with the capability of empowering from the bottom up. Adopting a ‘ support and adapt’ concept to enable flexibility and dynamic decision making in a complex crises are all an essential part of a 21 ^st Century Security and Risk Managers role. An ongoing commitment to the study of risk, crisis and disaster management is vital to help us to continue to evolve and adapt in an ever-changing environment.

References

•        Lagadec, P. (2005). Crisis management in the 21st century ” unthinkable” events in ” inconceivable” contexts.

•         Uriel Rosenthal, A. B. (2001). MANAGING CRISES: Threats, Dilemmas, Opportunities.

•         Wooten, L. P., & James, E. H. (2008). Linking Crisis Management and Leadership Competencies: The Role of Human Resource Development. Sage Publications.