More than 100 countries instituted full or partial lockdowns. Workplaces went remote. Schools closed. Disinformation became a thriving industry. Disparities accelerated. Extremism mainstreamed. Geopolitical tensions were amplified by the rising global challenges posed by the pandemic, migration, climate change, and cyber insecurity.
Conflict and violence—ever present in human interactions also changed in 2020. Differences and divides around even the most mundane matters—from mask wearing to mail-in ballots—became sources for passionate debate, and significant issues such as racism, nationalism, and personal liberty spawned spontaneous and coordinated unrest. The transnational threats of the last 20 years have been supplanted by domestic versions; domestic militants form, disband, rebrand, and reconstitute monthly. Tactics and techniques now include the use of drones, street fighting, and online threat campaigns.
Conversations about the new normal have been had in a myriad of contexts, but there does not seem to be a consensus about what this will entail beyond a continuation of changes in the ways we act and interact.
Maintaining safe environments amid the complex dynamics of our contemporary reality necessitates redefining security and reimagining the role of security professionals. The policing functions of security—gates, kiosks, uniforms, and weapons—leads to stove-piping, creating physical and mental barriers or even polarization between the workforce and security personnel. The traditional focus on access control, protection, psychological deterrence, and emergency response must evolve to align with the more holistic Enterprise Security Risk Management (ESRM) guidelines, such as those published by ASIS. Integration into the workforce environment, rather than mere patrol of it, is more necessary than ever for an accurate assessment, prevention, and disruption of threats.
Working with leadership to evaluate risk tolerance, which may have evolved with the events of 2020 or because of fundamental changes in the work environment, is also important. Remote work habits in particular render it vital to ensure that the workforce is knowledgeable of and invested in the security behaviors that will protect third-party access to organizational systems and assets.
For security initiatives to succeed in today’s climate, the broad definition of “stakeholder” envisioned by the ESRM guidelines must include a wider segment of the workforce, consumer base, and partners. Security professionals are more effective when exposed to the full spectrum of an organization’s operations, interests, and security concerns, including active shooter, insider threats, and hate speech in the office.
Cultures of safety must be created to proactively protect assets—people, physical, cyber, and reputational—against both historic threats and those newly introduced by heightened levels of divisiveness and grievance. The security professional-as-partner model is essential to identifying threats and managing risks that can arise from without, as well as those that can materialize within.
Reminding staff about incident reporting protocols and adopting modern best practices that focus on intervention rather than surveillance and enforcement, for example, can elevate workforce engagement in security.
Educating the workforce on behavioral indicators associated with contemporary threats—such as colleagues voicing beliefs that violence is the only solution for a particular issue; sudden secretiveness surrounding activities; or new and significant interest in acquiring materials that can be used in an attack—can improve workforce safety literacy and support a more robust partnership.
We must train up and train out.
Given the ubiquitous nature of interpersonal conflict, security forces—whether contract or proprietary—must be competent in the basics of de-biased decision-making, conflict de-escalation, incident reporting, and recognizing burnout, each of which is vital to accurate assessment and mitigation of disputes. They must be socialized to an organization’s values, priorities, and risk management strategy; critical thinking is—more than ever—an essential tactical tool. Providing context helps employees to be mindful of events to report or about which to seek consultation.