(This blog is one in a series that Hillard Heintze executives and experts are authoring throughout January 2014 on the Top Trends to Watch in 2014 in three discrete areas: (1) security risk management; (2) investigations; and (3) ethics, integrity and law enforcement program improvement. These will be published on Tuesday and Friday of each week in January).
What will 2014 bring? What should we be ready for? Where should our priorities be and what areas should we be advancing? These are the questions, among others, that our clients’ senior business leaders – CEOs, board members, Chief Security Officers, heads of risk management, counsel and business unit leaders – are asking us, from many different business and security perspectives. Our answers vary, because each client has a unique combination of circumstances. But we do keep coming back to several areas. Here are three trends in 2014 that are driving security risk management priorities. Are you addressing these?
Trend #1: Run, Hide, Fight
We began the year reeling from Newtown. Then, in communities throughout the U.S., the year’s list got longer. The Washington Navy Yard. LAX Airport. New Jersey shopping mall. Colorado high school. These are headlines that many boards and management teams, and all of us, find unsettling in a trend that we strongly believe will continue to amplify in 2014. From our perspective, this is one of the top priorities for mature corporate security teams.
- Enterprises: Those with emerging workplace violence prevention training curriculums are scheduling training more extensively across their U.S. operations. Others with high levels of awareness are focusing more often on developing targeted, location-specific Active Shooter Plans. What we are encountering is that a company may well have an Active Shooter Plan – but it isn’t aligned with its Emergency Management Plan (EMP), which represents a critical best practice. Or vice versa. They have an EMP, but the Active Shooter component is buried, incomplete or outdated.
- Other Organizations: Even smaller organizations are institutionalizing the “Run, Hide, Fight” protocols. One of our clients, a prominent nonprofit advocacy group with strong positions on nationally relevant issues of contention – and a surprisingly small operating footprint – is having us customize a plan for them in the coming weeks.
Trend #2: Digital Ears Up. Corporate Eyes Wide Open.
We call it open-source and social media monitoring and intelligence. This trend is on fire – and we believe it will evolve as an important corporate management tactic along several interesting fronts in 2014 and the years ahead. The technical platform isn’t what’s new. There are multiple tools and software programs available at many price points. What’s new is that corporate leaders across several different management disciplines are learning how to leverage this capability to achieve their respective goals.
- Risk Management: Decision makers in this function are learning that establishing open-source and social media monitoring as “listening posts” can be exceptionally valuable at enhancing reputation management.
- Legal Department: The General Counsel’s office – and outside counsel – is often the first to bring this capability to the enterprise. Whether the company is the plaintiff or defendant in a criminal or civil litigation matter, attorneys are increasingly leveraging social media monitoring as a valuable tool.
- Corporate Security: Chief Security Officers want to know who is posting comments and statements online that represent threats to executives – and whether these are indications that the individual may be escalating behaviors and proceeding along a path that could lead to violence.
- Human Resources: This group typically has a simpler goal: they just want to know who is bad-mouthing the company. When the weekly monitoring report goes to the Chief Security Officers, there are often issues and individuals that require the HR department’s involvement.
The other thing that’s new in this area – and we anticipate more press on this issue in 2014 – is that companies are discovering that using automated monitoring solutions alone as a stand-alone element is not the answer. Understanding the difference between making and posing a threat involves sophisticated nuances that even most security experts don’t understand. And when issues of concern arise, they often require further inquiry – online and sometimes in the field – by seasoned investigators.
Trend #3: Countering Cyber and Information Security Threats
The intensity of cyber attacks has been increasing for years. Don’t look for that to taper off in 2014. While the management teams of some industries have been on high alert for many years – such as those in aerospace and defense, energy and utilities, and financial services – many others are heeding the knocks on the door. Data loss is a nightmare for every executive. But the challenges remain complex, inter-related and expensive to address. Many companies have knit together a patchwork of point products and services. That works fine – until something falls through the cracks. And the threat environment keeps changing. What’s the answer? It depends on so many factors. But all of them involve staying acutely focused on areas such as cyber threat detection, response and remediation; advanced threat intelligence; and incident response protocols, among many others.
Are you prepared?
These are just three of the top issues in security risk management that we – Hillard Heintze and our clients – are keeping a close watch on this year. Come back on Friday and check out three more. Here’s a better idea: use the Subscribe button below to add your email. You’ll automatically receive a link to our new blogs when we post them. How about you? What trends in security risk management do you see emerging in the coming year? What are your top security priorities for your organization?