British businesses are subject to threats posted by both geopolitical and socioeconomic issues and events. The increase in food prices and the instability around the supply of goods, both of which have fallen out of conflicts in Ukraine and the Middle East, have had a national and global impact.
What’s happening in the Middle East is also giving rise to massive demonstrations on a regular basis across the UK from Pro-Palestinian organisations. Added to that, activist groups such as Just Stop Oil are becoming increasingly aggressive with their tactics, often causing public and business inconvenience.
In 2023, YouGov reported that 64 per cent of those who protested said they had done so repeatedly, with the most common causes cited as climate related issues, global conflicts, and domestic issues including the cost-of-living crisis. Protests are a democratic right and freedom of expression should be respected and upheld. It is the job of law enforcement and security providers to balance the right to protest with the protection of the public from crowds that turn violent. In 2023, the police made 630 arrests of climate protesters in London in just one month. The number of injuries and cost of criminal damage is impossible to calculate, but, if the media reports are anything to go by, we can agree they are too high.
Geopolitical and socioeconomic threats, and the protests that accompany them, in addition to the spiralling concerns about cybersecurity, promise to cause yet more disruption to businesses in 2024 and beyond, unless action is taken.
Threat mitigation & elimination
Given the complex and ever-evolving threat landscape, organisations in today's world without a security policy in place are failing themselves, and their stakeholders. Safeguarding employee health and safety is mandatory. It’s enshrined in law, so every organisation in the country has or should have a health and safety policy. Despite the critical nature of the security profession in business and everyday life, having a security policy in place is not mandated in law. As such, there can be the tendency for some organisations to adopt a ‘freestyle’ approach when it comes to their security provision. The potential introduction of Martyn's Law will change this for the better, but until then the onus is on businesses to create their own security culture and implement appropriate security measures.
It's best practice to have a robust security strategy and policy in place to have a baseline when it comes to addressing and mitigating security risks. These risks will vary from business to business, so it’s important to consider the priorities. It’s not just about having a security policy in place, but the right security policy in place depending on the nature, location, and operation of your business. For example, a business with a global supply chain that is dealing with production and parts that are in short supply will have a different approach to security to an organisation that is not dependent on suppliers from overseas.
It's important to remember that you can be a collateral target by virtue of who's around you, so know your neighbours. Could they be a target for whatever reason? If so, then so are you by default. When reviewing physical security measures, organisations need to look beyond their own building and the immediate perimeter. They need to look around and to the periphery to identify where there may be other vulnerabilities.
A culture of organisational resilience
In addition to a robust security strategy, there needs to be companywide buy-in to the importance of security and a culture of resilience within the business. Organisational resilience doesn't just deal with the day-to-day security elements, but rather the ability to survive, recover, and prosper should a business be attacked or find itself in the path of an attack.
Assessing the effectiveness of security measures and controls requires trained security professionals to conduct regular risk threat vulnerability assessments that are specifically tailored for that business. If it was an organisation that holds a lot of events, for example, the risk and threat assessments should be conducted before any major events, and regularly throughout the year. Any change in business activities, such as acquisitions and mergers, should also prompt a review. Dynamic risk assessments are vital when things happen suddenly, such as in response to an incident, or in response to anything that could change the security posture of an organisation.
A strategy should be living, breathing, and evolving in light of the insight gleaned from risk and threat assessments. It should also include the provision and revision of appropriate equipment, including fencing, lighting, hostile vehicle mitigation, CCTV, alarms, and robust access control. Considering how technology can support security officers can increase resilience and effectiveness of a security provision. Remote monitoring centres can monitor intruder alarms and panic alarms, CCTV, and access control which can trigger fast responses by police and/or security personnel.
It is impossible to be culturally resilient without well-trained security officers that are cognisant and aware of threats and procedures, that can effectively cascade that knowledge across an organisation. Non-security personnel need to be aware of the procedures in place to ensure business readiness when an alarm is triggered or when a lockdown is enforced.
What’s at the other side of the hill?
As the Duke of Wellington so eloquently put it – “All the business of war, and indeed all the business of life, is to endeavour to find out what you don't know by what you do; that's what I called 'guessing what was at the other side of the hill'.”
If I was running a business, especially a production business, I'd be concerned about the threat from artificial intelligence. Although there's a lot of benefits to be reaped from AI, there’s also a lot of risk – everything from the creation of false narratives to the cyber and security risk that comes with digital vulnerabilities. More education is needed to ensure businesses are pre-empting eventualities that may seem far off but are closer than many think. At Corps Security, we make it our mission to share our knowledge and expertise to the wider market, through our Corps Relay Intelligence Reports, which are free and accessible to all.
Businesses that have their own in-house professional security advisers should be sharing regular daily intelligence updates, briefings and assessments on the global geopolitical scene, and how issues and events that arise out of that intel may impact the business. Those that rely on external security service providers should be looking to them to keep them abreast of intelligence and information as to where they need to focus their budget, time and efforts when it comes to security measures. That includes monitoring social media for real time alerts and information about anything that's going on in the world or nationally that can impact business operations or the safety of stakeholders.
Ultimately, businesses need to be aware of the ever-evolving threat landscape surrounding them, because without that awareness, and the planning and preparation that must accompany it, they are putting themselves, their stakeholders and the communities they serve at risk.
