Nearly five years after the terrorist attacks of September 11, 2001, the number one challenge perplexing security professionals and organizations seeking to execute successful security programs, business continuity and/or risk management plans iscommunications.

As is known today, the 911 Commission found that the lack of cross-organizational communication of vital and available information obstructed the possibility of stopping the attacks. Examples include:
  • not informing the FBI …
  • not sharing information linking individuals…
  • not linking the arrest of…
  • not discovering false statements on visa applications…
  • not expanding no-fly lists to include names from…
  • not searching airline passengers identified by the system…
And that response to the emergency was challenged (first by the magnitude of the crisis) and second by the inability to communicate: “Effective decision-making in New York was hampered by problems in command and control and in internal communications.” The report identified communication challenges including:

  • Within the Fire Department of New York commanders had difficulty communicating with their units
  • The Port Authority's response was hampered by the lack of radios capable of enabling multiple commands to respond to an incident in unified fashion
Still, five years later, a recent Wall Street Journal article (“Big-City Police Chiefs Assail Homeland Security’s Secrecy” June 30, 2006) reported, “law-enforcement authorities around the country say Washington’s efforts to share vital security information with them are in shambles.” Local authorities point out that government agencies are fighting a common enemy and must share information, but are denied relevant and timely information. As a next step, leading chiefs of police will be meeting face-to-face with Michael Chertoff to resolve this failure to communicate.

Processing, managing and sharing information for the purpose of securing the enterprise is one challenge. But internal communication to executives, peers and staff is a second, equally vexing problem. In a recent CSO Magazine article, the number one reply: “Ability to communicate effectively” was selected by 83 percent of the survey respondents when asked what is the most important personal skill or attribute pivotal to career success.

And solid, effective communication travels in many directions. How you communicate security’s current status, goals and the steps toward progress -- in business language -- is perhaps the greater challenge. Think. Think. Think. And then Practice. Practice. Practice. These may be the keys to not only gain board level buy-in for security investment as a business driver, but to see you as an executive and team member that can enhance the organization’s value.

Gaining similar respect, buy-in and rapport with peers and demonstrating leadership to your team are important, but require different types of communication and skills. And getting outside your walls to build relationships, communicate externally and exchange information is vital. For example, the Las Vegas casinos have an emergency preparedness program in place with homeland security, police, fire and other emergency services as well as hold regular meetings.

In a world of too much information turning into unintelligible data; collecting, processing, organizing and communicating it accurately and effectively so that the recipient understands your message and their required action is the goal. From the technologies you rely upon to the messages you communicate take care to avoid a failure to communicate.