A New Generation of Adversaries: Security Risk Management

Security risk management is not only the science of risk identification, calculation and protection but also the consideration of adaptive, intelligent and purposeful individuals/groups seeking to circumvent controls and impose loss, harm or damage on assets.

In other words, bad actors, criminals, terrorists and an array of adversaries.

Without adequate and detailed consideration of adversaries, security and all acts, artefacts and expenditure in the name of 'security' are blunt instruments applied to everyone at all times. That is not contemporary security risk management nor security as a science.

Therefore, it is not only essential to study, anticipate and protect against specific and broad adversaries, it is also essential to analyse these adversarial actors, associations and capabilities in depth.

They are NOT dummies.

That is, they are not bumbling felons and comical characters depicted in some movies, the media and even across professional cohorts such as police, military and government

They are not all created equal either.

For many, criminality, terrorism, murder, deception, destruction and violence is just as much a professional vocation and life-time pursuit as those in private/public security roles.

It is also worth noting that,

Many also have commensurate skills and significantly more resources and free reign than the guardians, protectors and security sector professionals.

While far from exhaustive, the following list serves as a reminder (and scary awakening for some) of the types of competent, reasoning, agile and motivated adversarial actors around the globe...before a significant global disruption and social unrest trigger, COVID-19.

Creative

applying innovative use of the ancient arts of unconventional warfare

Asymmetrical

launching multifaceted physical, political, informational, and cyberattacks

Secretive

cloaking in multiple layers and compartmented cells

Deceptive

misleading and manipulative in their intent and behavior

Adapted from:

Lee, W. (2005) Risk Assessments and Future Challenges, FBI Law Enforcement Bulletin, 74(7), pp. 1-13

Resourceful

maximizing the use of available resources to achieve their objectives

Intelligent

capitalizing on detailed planning and orchestration

Visionary

foreseeing the third and fourth order of effects of their actions

Adaptable

evolving and adjusting with each new countermeasure

Ruthless

striking with brute violence against the innocents

Sophisticated

employing intricate ploys and strategies

This list remains a coarse reminder and guideline.

It is not alarmist nor bell ringing for extraordinary security measures.

It remains a guide for consideration not a blunt rule or generic model for the deprivation of liberties, social control or surveillance state activities.

Security risk management professionals will know this, however, there are far less professionals than there are enthusiasts, practitioners and overnight 'experts'. This caution is for them.

Tony Ridley, MSc CSyP MSyI M.ISRM

Security, Risk & Management Sciences