Security Convergence: the new profit multiplier or threat to a profession?
Security, risk management and intelligence have converged in the last decade, resulting in a shift in traditional views that security is a simple line item cost to business.
The convergence of security and risk management was the beginning, demonstrating security as an opportunity to add value to the business through the mitigation of cost. The addition of intelligence to the security mix becomes more than a cost mitigation process and moves toward becoming a business profit lever. It was the green movement that spawned the axiom ‘think globally act locally’; in the security domain we can also reverse the saying to, think locally act globally. Through the application of strategic security intelligence processes local security outcomes evolve.
Security intelligence is an investment, with potential to provide a significant profit dividend. Increased convergence leads to greater opportunities and today security managers using foresight are recognising there are opportunities to be exploited through convergence and integration with disciplines such as environment, health and safety, IT security, governance and compliance.
Security is, and should be, an executive and management responsibility. It is security that allows the executive or management the freedom to plan and operate business safe from the threat criminal or otherwise. This condition of security is achieved when the organisation’s assets – such as information, equipment, people or facilities and activities – are all effectively protected against criminal exploitation, terrorism or other threats. In this case we can describe security as the condition achieved, however security is more than that. It also includes the control measurers and activities designed to achieve it. This broad scope of security includes both policy and procedure, and the application of resources both physical and intellectual.
Our aim as security management is to achieve a safe environment, allowing the company to carryout its business. Security management achieves this by establishing a level of control over threat sources and the business environment. Critical to achieving this control is speed of decision-making and the application of security effort at the decisive point in time and place. Further essential elements for success include an effective security intelligence system, an effective security risk management process, and appropriate health and safety systems ultimately backed up with appropriate resources both human and technical. However, all business environments are dynamic, and threat sources will very rarely conform to expectations. Furthermore, the zero risk environment is simply not achievable within a cost effective structure. In this convergent and integrated world it is the successful implementation of integrated security processes that enables the executive to balance management of a complex business environment in the most cost effective responsible manner.
So what does this all mean for the security manager of the future? Increased integration and convergence will likely result in an increased demand for professionally educated and trained security managers – security professionals with undergraduate qualifications in the security sciences. Alternatively, it may mean professionals from the convergent disciplines with postgraduate qualifications in security management. The security managers of the future will be professionals with a defined knowledge base and levels of competency as a result of education, rather than the craft-based system of today where security managers in many cases are selected or appointed on the basis of previous employment more so than professional status.
How do we determine that security management has come of age? What are the opportunities for the security graduates of today and tomorrow? It may be that one of the measurements of professional maturity is when we can see career paths for graduates of the security sciences including steps such as Security Advisor/Specialist, Security Manager to Group Services Manager and not being automatically ruled out of consideration for C suite executive positions. In the future will we see listed companies looking to the security profession when it is time to bring new members into the Boardroom?
There is a flipside though. Real convergence will also mean that professionals from these converging disciplines will be in consideration for those senior management roles, and the security manager may not necessarily be drawn from the security profession. The key to ensuring it is the security professionals who are winning these appointments will have quality security education.
About the author: Jeff Corkill is a lecturer in Security Science at Edith Cowan University. He has served in the Australian Army for 20 years as an officer in the Australian Intelligence Corps specialising in the areas of counterintelligence and security. He is active in the Australian Institute of Professional Intelligence Officers, the Risk Management Institute of Australasia and the American Society Industrial Security.