Our top-trends blogs, which highlight what our experts foresee as driving best practices and priorities across the U.S. and the world, remain among our most popular posts. In 2020, we present a multi-part series covering critical issues and advances in (1) security risk management, (2) threat and violence risk management, (3) emergency management and response planning, (4) investigations, (5) law enforcement consulting, and (6) private client and family office security.
Trend #1: More U.S.-based public companies will identify travel risk management as a core component of business continuity
As we begin 2020, we have already seen an increase in the number of public companies addressing travel risk management programs under “Duty of Care” requirements as a formalized component of business continuity programs. Providing a program to address the unique risks faced by travelers is a holistic, proactive process that prepares employees for the risks they could face when traveling and provides mechanisms for managing those risks. This applies to both catastrophic risks on the other side of the world, as well as the risks an employee could encounter at home. Beyond a legal obligation to meet duty of care thresholds for employees, companies are considering the overall impact on their corporate culture. Organizations are finding that a preventative and proactive approach advances employees’ personal safety while, at the same time, enhancing business continuity planning and outcomes and overall workforce morale.
Trend #2: As active assailants modify their tactics, security professionals will modify theirs.
Active assailants continue to change their methods and develop new ways to inflict damage. Law enforcement agencies are aware of this, and they’re constantly evolving their counter methods to combat these advances. In 2020, more in-house security directors will take actions such as the following to help ensure the safety and security of the people they are charged with protecting:
- Expand the scope of active assailant awareness and response training: In 2019, we began to see a trend of companies expanding their requested scope of active assailant response instruction to include helping employees and supervisors learn how to prevent an incident by understanding the spectrum of workplace violence and identifying and ultimately reporting behaviors of concern. Companies are designing training programs that are moving away from the traditional DHS model of Run-Hide-Fight that focuses narrowly on what to do when the incident occurs toward more comprehensive active assailant preparedness and prevention in addition to response.
- Expect uncommon weapons: Although guns are often the weapon of choice in an attack, some assailants use arson, vehicles or explosives. Effective workplace prevention plans must consider uncommon and creative attack techniques, and security professionals should consider a variety of attack methods, including, but not limited to, firearms.
- Give first responders key cards and other access tools: Key card-based and other access control systems are a best practice for any workplace. However, if and when a workplace incident occurs, these systems can keep law enforcement responders from accessing buildings or areas where they’re needed. The lack of a key card can also prevent first responders from exiting, which puts their lives in danger and prevents them from helping others. Companies should ensure all employees know to give their key cards to law enforcement personnel during an active assailant situation. Companies should also install master key cards in exterior lockboxes or create ways to disable access systems in an emergency.
- Conduct tourniquet training: If the unthinkable happens and someone is injured, it’s imperative that employees have some life-saving skills. In an active shooter incident, tourniquet training can save lives. Staff and other employees should be encouraged to visit the Stop the Bleed website for tips on how to control bleeding and finding nearby training sessions.
Trend #3: More security departments will be under pressure to ensure proactive physical and technical security controls, practices, protocols and emergency management training.
In 2020, preventing violence will continue to be a top priority for employers across the country, and many will continue instituting formal violence prevention plans and programs. An effective workplace violence prevention plan should include a schedule for regular risk and hazard assessments that evaluate ways to increase the safety of employees and visitors. Common safety improvements include installing appropriate cameras, alarms and lighting; having security personnel or security measures in the lobby; establishing a sign-in and sign-out protocol for visitors; developing employee assistance programs; and providing personal protective equipment for employees.
Trend #4: More businesses will improve cybersecurity by segmenting their networks.
Cyber-attacks continue to rise. Data breaches affecting personal data and system availability are reported daily. Corporate security networks that need to be available at all times (e.g., video surveillance systems, access control, telecommunication systems) can be vulnerable if organizations do not properly protect the network. We see many companies use a single, shared physical and virtual network for both critical business delivery and physical security systems, as well as internet access for employees and guests. A common trend is to subdivide these networks through virtual local area networks (VLANS). VLANs manage wired and wireless traffic and organization, limiting hackers’ access . Protecting networks against intrusions is essential to keeping critical security resources online.
Trend #5: As the cannabis industry evolves, security will remain a top priority for this cash-based industry.
The U.S. government still considers cannabis to be a Schedule 1 drug, despite the fact that many states have decriminalized its sale and use across various medical and recreational applications. This makes it difficult for businesses, such as cultivation centers and dispensaries, to find banking institutions willing to support the financial needs of cannabis operations. As a result, the industry is faced with dealing in large amounts of cash to purchase, transport, store and distribute cannabis products and make other expenditures for operations and administration, such as payroll, marketing and facility maintenance.
Another factor driving the security risk environment in the cannabis industry is the threat posed by illegal drug dealers and their loss of business – and a commensurate increase in risk of product theft and diversion. As a result, we expect that in 2020, this emerging, high-growth industry to place a premium on developing and building comprehensive security master plans and integrated security design capabilities that ensure compliance with regulatory requirements and manage risks associated with theft, diversion and product tampering at every phase from cultivation and infusion of edibles to sales and customer service. Cannabis-related businesses will need to take a careful, thoughtful approach to capabilities such as integrated technical security systems (e.g., closed-circuit television, access control, intrusion detection), facility-specific policies and procedures, and security guard services. Engaging a security consultant with direct experience in cannabis-specific security risk management practices will be important to protect the company’s staff, product inventory, facilities and reputation.