Straight talk about what every security practitioner and organizational leader needs to think about as we approach the end of 2020

Society is in a tailspin and many decision makers are wondering which end is up. The media is widely reporting a narrative of rising COVID-19 cases, political violence, and poor economic indicators. The interconnectivity of the world and technology has provided the media power to both educate and persuade at the same time. The world economy is reeling. Multiple global “cold wars” are in full effect. Epidemiologists are working overtime. Division of ideology and political belief is stark globally. The weather even seems to be extreme and violent. Whatever the political or ideological proclivity, there are security realities that stem from popular belief and the resulting outcomes of those beliefs. Thinking about the future environment and scenarios businesses and clients are likely to face, will separate the wheat from the chaff in the new age of security and risk management. We share some insights that may help to stimulate proactive decision making and solutions. Those who consider them will find themselves ahead of their peers and better prepared.

The Near Future

The real impact of COVID-19 is not direct. The virus is dangerous, largely due to its easy and rampant spread from host to host, the scope of which is only initially understood. Despite a decline in mortality rates and encouraging reports of therapies and vaccines, its ongoing impact still affects us all. The disruption caused by quarantines, missed shipments, remote operations, health care systems, and lower productivity is an obvious issue. The less obvious impacts will be the reactions by local governments, citizens, and businesses to perceived rises in virus infections. These reactions (and overreactions) could yield far more devastating results to stability and commerce than the virus could ever do on its own. Mental health issues, declining health, and lack of preventative medicine will spark a multitude of threats few people are discussing.  If even more rigorous mask mandates and lock downs are enacted, early 2020 might be remembered as a relative vacation. Remember to keep politics aside and think about narratives and possible responses. Think about the human condition and learn from how society and governments have responded in the recent past. Think about what this will mean for your practice.

The outcomes will vary from country to country, and state to state, but the citizens of many countries, especially America, will not take kindly to government shutdowns and continued perceived threats to their rights to assemble and move freely. Many protests emerged in early 2020, and if lockdowns were reinstated, the protests would become more widespread and possibly destructive. Many different libertarian minded groups would likely participate in protests and the damage would be precipitated by increased economic and cultural divisions or overlap in cause. Indications of unrest will include heightened vitriol on social media, planned protests, increased crime, and rising civil disobedience. Fixed facilities, operations, transportation, and assets under protection would all have increased exposure and need more resources allocated. Security professionals will be asked to deal with non-compliant personnel to pandemic policy. We recently saw in the Denver shooting of a protestor, what can quickly go wrong when private security takes matters into their own hands.

Second order effects of increased shutdowns will include significant economic losses by local businesses, cut budgets, and higher unemployment. Despite government attempts to overcome this with social welfare and short-term capital injections, cutbacks will be ongoing and food shortages are a real possibility. Even now, many countries are stockpiling or engaging food supplies for possible downturns and inflation. More idle hands, desperation, and bleak outlooks will create fertile recruiting grounds for extremists and angry citizens. More depression and mental health degradation will occur and impact security efforts in society and in corporations. Mandated mask wearing will create societal conflicts, further modifications to commerce, and added expenses. Many citizens will choose not to comply or deal with some businesses, creating conflict and revenue losses. Unintended and different health issues will rise from lack of access to medical screening or continued mask wearing itself, impacting talent pools and causing further analysis on aggressive preventative measures. Economic conditions will stimulate corruption, theft, and desperate behavior. Security professionals will be called to protect businesses, assets, and continually monitor rapidly changing situations. Working with law enforcement, agencies, and learning de-escalation techniques will become more widespread as economic conditions worsen.

Political infighting and the US presidential election will only heighten the stress levels and propensity for disruption, violence, and criminal activities. There are global undercurrents of division based on race, economic beliefs, religion, organized crime, and politics. There are elements in society that will capitalize on the discord and use the opportunity to gain leverage over competing belief systems and groups. Politics will invade the workplace, neighborhoods, cities, and governments. The quick spread of information and narratives will result in better coordination and effective execution of extremist plans. Organizational threats will become more concentrated and dangerous. As citizens associate with similar cultures, interests, and belief systems, hardened by confirmation bias, they will associate less with a nationalistic tendency and find less common ground with each other. History has shown us what happens when divergent politics are consolidated and radicalized. Without hot wars and unifying fabric (even sports are now divisive), boundaries will form.

Political infighting and the US presidential election will only heighten the stress levels and propensity for disruption, violence, and criminal activities. There are global undercurrents of division based on race, economic beliefs, religion, organized crime, and politics. There are elements in society that will capitalize on the discord and use the opportunity to gain leverage over competing belief systems and groups. Politics will invade the workplace, neighborhoods, cities, and governments. The quick spread of information and narratives will result in better coordination and effective execution of extremist plans. Organizational threats will become more concentrated and dangerous. As citizens associate with similar cultures, interests, and belief systems, hardened by confirmation bias, they will associate less with a nationalistic tendency and find less common ground with each other. History has shown us what happens when divergent politics are consolidated and radicalized. Without hot wars and unifying fabric (even sports are now divisive), boundaries will form.

Geopolitics, environmental pressures, and global resource hoarding seem like far off threats that have little impact on security professionals. Think again.

The economy is an instrument of national power and thus is susceptible to attack and exploitation. Corporate espionage, subversion, and private/public information operations will only increase. This will impact how we protect and advise clients globally and domestically. The environmental security challenges (forest fires recently) and global warming are more than scientific, political or theoretical debates. The impact of extreme weather, extreme environmentalists, and associated disruptions is rising. Some of this will be exploited and exacerbated by foreign enemies. Cold wars will do more damage to economies and society while requiring advanced security skills that are all but conventional.

We sincerely hope that on the spectrum of possible outcomes over the next 6 months that government can successfully mitigate these emerging threats. Many arrests have been made, and the leaders of the violent extremist organizations (VEOs) are being monitored globally. Promises and retractions of economic stimulus is whipsawing markets and causing confusion among businesses and individuals seeking relief. The most effective way to deal with COVID-19 must entail practical, bias-free, and strategic discussion. We can’t ignore it, but we also can’t cut off nose to spite our face. Ego free conversations need to happen with non-political spin for us to think clearly about what we can and can’t do or what we should and shouldn’t do. We hope these talks become based on more analysis and viewpoints than bringing a few infectious disease or virology experts. These decisions must include experts from many disciplines, and we can’t defer solely to medical or scientific data as the final determinate for best practices in such a complex environment. Successful risk management (what this is about) is far more effective when all relevant planners and stakeholders are involved. Having said that, we can’t expect completely rational or comprehensive analysis. Prepare for other outcomes.

How to Prepare

       Business will not be as usual. Your security programs and companies will need to evolve. This has always been the case but the current environment is forcing change. Security programs must be more proactive, comprehensive, risk management oriented, and intelligence driven. The siloed approaches of conventional security will just not work anymore. I advise companies with technology phobic and conventional security managers to force change and/or terminate your relationship with them as soon as possible. If your security team can’t evolve with the times, or don’t have the skill set needed for today’s security management needs, they need to be trained or removed. The margin for error is very small now and performance in security programs can increasingly be measured. Security and risk management strategies and programs are increasingly being briefed at the Board level. Remove those managers that are afraid or resistant to being measured. They will be the root of the next disaster.

Focus and enhance your security program efforts in the following areas immediately:

  • Early detection of threats, indicators, and warning across ALL categories
  • Understanding of threats and how they impact/expose yours or your client’s organization
  • Training programs that involve civil-private scenarios and possible new realities. De-escalation, use of force, threat identification, and emotional intelligence training throughout an organization are now important. Training needs to occur across the organization.
  • Practical and realistic conversations with C-suite and Board on budgets and priorities based on actual data.
  • Bridge any gaps between security and risk management programs. Create a security and risk management committee for planning, operations, and strategy. Improve prediction models. Create contingency plans.
  • Start collecting and reporting on metrics related to security programs for planning, improvement, and allocation of resources.
  • Prepare for increasing remote operations and the inherent cyber/distance risks involved. There are also mental health security challenges associated here.
  • Prepare for conditions of scarcity, talent flight, and forced regulation.
  • Prepare for foreign attacks to critical infrastructure and resources using fires, direct attacks, espionage, and cyber-attacks.
  •  Prepare for increased theft and ways of mitigating corruption threats.

In short, we need to invest in security and risk management. No longer a cost center or “break glass in case of emergency,” effective programs create decided advantages and differentiation. Rely on insurance alone at your peril. Even smaller companies must look at security and risk management as more than financial factors to be concerned about. Schools must seriously adopt an “all-threat” relevant, risk management view of education for home and campus learning. Law enforcement and security companies must incorporate technology and intelligence changes and improvements that were “out of their wheelhouse” 2 years ago. Governments will need to undertake sweeping changes and look to threat assessment as a vital part of risk assessment and make the needed organizational changes.

Let Alpha Recon Help

Yes, there are scary aspects, and the underlying theme of this article is largely negative. However, we need to be wary of possible scenarios and we need to act now. When scenarios become today’s reality it’s too late. Evolve your programs. Evolve how you practice security and risk management. Many consultants are around to support this effort. Many technologies can aid your development and implementation. The world will ultimately persevere from these challenges even if it’s altered forever. Security and risk management is the blanket and shield we need right now. Don’t fall asleep on your watch when your innovations, skills, and services are needed by society most.