Internal and External Dangers: Enterprise Security and Risk Management

Whilst most applicable for developing and emerging markets, this reality remains true for even the most developed market and that is that

at some point, good and effective security and risk managers will be disliked and even targeted by elements internal and external to their organisation. 

This is due to the reality that by your very existence, and your ability to be affective, you will bring an end to people’s ill-gotten benefits, personal gains and stop their outright criminal activities.

Hence, you make some enemies along the way. 

There are security and risk managers that have very narrow remits and limited powers and then there are those that have an overall responsibility to add value to the business, reduce losses and identify and eliminate illegal or unwanted activities.

I’m referring to the latter in this instance.

Those that watch everything, those that question every activity and process within the business, those that are the sentinels and keepers of moral, ethical and legal actions of the business and stakeholders.

I personally consider anyone in this type of role that at some point in their career has not been disciplined, threatened, experienced hostile management or even been fired…..as not to have been doing their job.

It goes with the territory. 

When you identify and bring an end to people getting easy money and personal gain from the company via illegal or questionable means you will naturally make enemies.

These enemies may range from the odd individual that has had a good run come to an end [or prison] to senior executives that rally to have you removed once you have identified or started to conclude their questionable/illegal activities.

Not to mention, you may also come across criminal and community syndicates with internal and external representation, that will also target you and your role so they may prosper or continue to leverage vulnerabilities. 

At some point in your role, whether it be in the initial honeymoon phase [always find out why the previous guy is no longer in the role] or in the advanced stages, you will identify or come across ‘questionable practices’ and even illegal activity.

What do you do?

The end game shouldn’t change but your implementation and approach to getting that end state will vary in order to get the result, contain the threats and protect specific interests, including your own.

In some circumstances, the danger to you may be life threatening, so choose your next moves wisely.

In my career I have had to manage issues ranging from corruption, insider trading, petty theft, extortion, kidnapping, murder, price fixing, financial fraud, tax evasion up to and including assassination plots to remove me and my influence.

All the while, protecting valuables/product worth hundreds of millions dollars, peoples lives and the ongoing operations of the business.

Sometimes this is the very reason you are brought in, to fix the wrong, sometimes you just discover or inherit the ignorance or malaise of the incumbent. 

The behaviour you tolerate or walk past is the behaviour you now condone or support...to a degree.

Sure, it may mean the end of your job and steady income but you have now been compromised and no longer serve the businesses or management’s best interests, you are just “going along to get along”.

This may last for a period of time but your days and status in the industry will be greatly reduced. 

Anyone that assumes the role of security or risk manager must navigate the role’s various dangers and measure each and every stakeholder in the process.

These plans and workings many never be written down and are usually only discussed with trusted, fellow professionals in quiet places…or you may be all alone and surrounded by threats.

Either way, you must learn the craft of subtle manipulation and strategic game play if you are to succeed and in hostile environments, survive.

Sometimes you win, sometimes you get axed.

Either way, stay true to your convictions and remain one of societies and the commercial world’s trusted sentinels…such individuals are always [or eventually] prized by the right people and communities.

Stay safe. 

Tony Ridley

Enterprise Security Risk Management & Security Science