In a September weekend edition of the Wall Street Journal, an article identified some post 9/11 security-related statistics, which together paint a picture of inactivity among security executives and their organizations.

Security Magazine found the article missed the key changes in our industry and wrote the editor of the Wall Street Journal. See our letter to the Journal, which follows. While it appeared easy to connect various data points and conclude that the security profession is business as usual, those in our industry know that sound strategy, technology integration, teamwork (internally and externally), solid execution and long hours to train, communicate and change behavior among your stakeholders are the core success.

It is true that most organizations have not spent the past five years solely defending against terrorist attacks, nor should they. Enterprise level security is and should be focused on mitigating the greatest risks to their organization. As our recent Security 500 study found, most organizations work to be expert at and prevent events likely to occur in their geography (nature, urban violence, health related) and their industry (loss prevention in retail, data security in finance, environmental health & safety in energy), as examples.

Back to the routine? Not really. Lessons learned from 9/11 show that most enterprises and highrise buildings face and respond to disasters and emergencies in better ways.

Billions in Spending

In stark contradiction, there is a mid-September USA Today article, “Security Generates Multibillion Business” by Gary Stoller. And the American Chemistry Council released a report at about the same time stating that their 133 member companies have invested nearly $3 billion since 9/11 in security.

But in the Wall Street Journal article, we found the example of Eclipse Inc’s CFO, Greg Bubp, who said, “Security, as far as 9/11, hasn’t really impacted us that much here,” misleading. Eclipse has probably not experienced shipping disruptions because of sound implementation of access control systems, RFID technologies, surveillance video and fewer, more efficient guards by the cargo/transportation industry. But if you don't look, as the WSJ didn't look, security aligned with business goals will be missed and mistaken as business as usual.

And while we find the following quote disturbing “In the private sector, all that’s generally been done is a few more security camera and guards at the most vulnerable of sites: some skyscrapers, some chemical plants.” -- Michael O’Hanlon, Brookings Institution

We suggest Mr. O’Hanlon smile at his inane statement, as he is most likely on one of your cameras.

Our Letter to the Journal Editor

“Five Years After 9/11: How Have Things Changed?” (The Wall Street Journal Weekend, Sept. 9-10) did a solid job of reviewing what’s changed, especially through federal government actions, efforts and regulations.

Your article references the Pew Research Center’s measure finding about half of Americans today report the terrorism attack has changed their lives. Security Magazine, which reports on solutions for enterprise security leaders, recently showcased a Public Opinion Strategies survey of voting-age Americans.

In that study, fifty-one percent (51%) of voters believe a series of terrorist attacks could happen in their lifetime and another 29% believe it will happen. Younger people are surer that terrorism is a long-term American concern. Eighty-three percent (83%) of voters age 18-64 say terrorist attacks could or will happen in their lifetime versus 69% of voters age 65 or older.

It would not surprise me that your own poll will end with a similar result – a majority saying “9/11 changed everything.”

I do question the statement of Michael O’Hanlon of The Brookings Institution, who suggested that a terror attack on a workplace is no longer the urgent concern we thought it might be after 9/11.

Enterprises, their CEOs and chief security officers continue focus on the risk from terror, as they grow budgets for security, meet more business-general and industry-specific regulations while getting more serious with employee procedures and training in case of a terror attack or other disaster.

A Security Magazine Forecast study of enterprise security executives, conducted this summer, found that anti-terror efforts are among the top five issues causing the most security concern next year. And 31% rank anti-terror efforts at the very top of next year’s security concerns.

Regulations, guidelines, standards and best practices also have significant impact on businesses and their security operation. While right after 9/11, it was obvious to act quickly on improving air travel security, over the years, slowly but surely, government agencies and industry groups have been establishing or are near setting up mechanisms that mandate greater attention to terror risks and greater spending to minimize vulnerabilities.

While Mr. O’Hanlon sees the law of probability as one factor in his belief that there is no longer an urgent terror concern, there’s no doubt that 9/11 increased the long-term terror threat for everyone, everywhere – from the boardroom to the living room. Security Magazine and other respected studies show changes to enterprises and spending on security continue to escalate, due in great part to the prolonged fallout from 9/11.

And, there is no doubt that the tragic growth of terrorism in other parts of the world draws business and security attention in America back to the need for us to protect from another 9/11.