Across the globe, chief security officers (CSO) are under intense pressure to justify what they do, as business operations come under increased scrutiny from the C-suite, shareholders and outside auditors. More than ever, CSOs find themselves in the position of needing to make a strong case for their budgets and activities on a day-to-day basis.
Corporate security, while no different from other business functions in terms of ROI considerations, can be a more complex space to navigate and evaluate. At the end of the day, corporate security teams need to be able to demonstrate how their actions and activities add value to the company, just like any other division.
The ask is a challenging one, as security is an investment that pays for itself in cost savings and cost avoidance, rather than generating a return. It is about loss prevention, calculated via tangibles like time and money, and intangibles like employee safety, reputation and competitive advantage.
In my time at Dataminr, I’ve seen CSOs using our Corporate Security platform to manage a variety of crisis situations, from terrorism to brand faux pas that quickly spun out of control. There are always challenges in the face of rapidly unfolding events, but also opportunities to demonstrate value and the importance of corporate security as a business function. In this two-part series, I’m going to investigate how CSOs can capture the value they add when dealing with unexpected crises and threats.
First and foremost, a core mission of corporate security teams is to be both proactive and responsive to mitigate risks to physical safety, as protection of the company’s employees and assets is paramount. Consider the tragic bombings in Brussels, Belgium, in which three coordinated suicide attacks occurred – two at Brussels Airport, and one at the Maalbeek metro station in the city center. By monitoring social media, numerous companies were able to quickly reach out to employees in the area and alert them to return to their hotels and shelter in place via mass notification messaging, coordinated by their GSOCs (Global Security Operation Center). Throughout the day, the GSOC shared updated information in real time to keep travelers and local employees informed and, most importantly, safe. With one traveler staying near the Maalbeek metro station, this incident was an important example of how extra time allowed this GSOC to be proactive and minimize the disruption and impact of a terrible event.
If these situations go wrong, in addition to dealing with possible loss of life, companies confront major issues related to business continuity, responsibility, duty of care and possible legal action. Beyond the critical task of ensuring employee safety, securing supply lines and assets is also essential in a crisis.
Without an immediate and decisive response, corporate assets and critical business processes, like supply chain, can be severely compromised. Having an active security team in place allows companies to respond more quickly and efficiently, as was the case during the failed Turkish coup d’état in July 2016. In that instance, security officers demonstrated value and ROI in a crisis by using cutting-edge tools to inform initial notifications about the unfolding coup and immediately begin crisis management protocols. The faster this playbook is put into action, the more quickly and thoroughly losses can be mitigated.
In the Turkey example, a quick response enabled a GSOC to secure offices, local personnel, travelers, and high-value, temperature-controlled merchandise in transit. Other examples include rerouting shipments on quick notice, selecting alternative suppliers or subcontractors, and relocating events or critical business processes. The savings incurred can be anywhere from the low tens of thousands to millions of dollars per incident for safeguarding major assets like data centers, regional headquarters, sales offices, manufacturing or storage locations and raw material production sites, such as mines.
The safety of people, assets and reputation will always be the most important aspect of a CSO’s day-to-day activities. In this digital, interconnected age, an emergency can unfold in a noisy, crowded space that makes verification and authentication more challenging than ever. The value of an integrated security team to the c-suite is increasingly significant as companies face unprecedented security challenges across the globe and more travel to higher risk locations.
In addition to physical safety, CSOs also have a powerful opportunity to expand their role and demonstrate value around brand crises and other non life-threatening emergency situations. I’ll dive into this evolving landscape in part two of the series.