Complexity and change are the new features of international business. Globalisation has changed the structure and pace of corporate life and the saturation of traditional markets has led companies to more risky places, such as Africa, Asia and the Middle East. There are asymmetric threats – terrorism, organised crime and IT security – and the way a company does business can also impact on its risk portfolio.
Despite these changes, many corporate security departments still have relatively little profile and influence. A handful, though, are listened to by the board and are operating at the highest level within their companies.
What makes these departments stand out is not the quality of their security technologies or the extent of their access to secret intelligence. They recognise that while they manage the security of a company, security is delivered through the everyday actions and decisions of all staff. The corporate security department is there to help companies to take risks in a sustainable way.
They do not take their lead from terrorists, criminals and hackers – they believe that business imperatives drive security, not the other way around. They focus on creating adaptive capacity and resilience within their company rather than protecting it from threats.