A holistic approach to security in any organisation is more important than ever, writes Norman Heit Group Corporate Security & Resilience Director at Vodafone in an SJUK exclusive.
The risks organisations face have changed, placing businesses under increased threat. It means a rethink is needed in the corporate space for how we approach organisational resilience, to make sure businesses are prepared for the challenges of the future.
Global geopolitical risk has evolved drastically in recent years, and this means businesses face more serious and less predictable risks, which occur more frequently than before. By their complex nature, geopolitical challenges will be some of the most difficult situations to navigate, and can have wide ranging impacts on any organisation from physical security of assets and personnel to supply chain disruption and major shifts to global economic dynamics and relationships between different markets.
Ten years ago, organisations would have been prepared for one-off events that have a clear beginning, middle, and an end signalling recovery and a return to normal business-as-usual. This could have been a terrorist attack, civil unrest causing short term disruption, a temporary network outage caused by vandalism or theft, or perhaps a ransomware attack on your network infrastructure.
Now, a wide range of industries must face various crisis events that occur simultaneously, have long lead ups and tails of impact, and can carry very significant risks for business. This has become clear in the past five years: polarisation between world powers and geopolitical instability has impacted supply chains, the COVID-19 pandemic transformed the way we work, impacted manufacturing across the world and particularly in China, and there is currently a war in Europe entering its third year that has led to the tragic loss of tens of thousands of lives and put the continent into what feels like a perpetual state of crisis.
We have also faced a subsequent energy crisis, which has made governments and organisations rethink their assumptions related to security of supply and wider national security interests, and more broadly we are experiencing a cost of living crisis that is affecting all of society.
What this means for global organisations is that holistic organisational resilience and a strong crisis management capability should be a default requirement in successful businesses, not an exception. A holistic approach also means considering the intersection of different threats; physical security, cyber attacks, insider threat, war, regulatory challenges, and technology dependencies all need to be taken into account together for an organisation to achieve true organisational resilience. This change and the fact organisations must prepare for multiple major crises to occur in parallel is unlikely to pass soon, and will likely mark a significant trend for corporate security professionals in years to come. This must result in a rethink and redesign of security organisations to accommodate for the evolving threat landscape and to future-proof security; traditional security approaches must change to be fit for the future.
Norman Heit is the Group Corporate Security & Resilience Director at Vodafone. Prior, he worked for Boehringer Ingelheim as Head of Global Security Management and Head of Corporate Crisis Management at Bayer AG. He is a member of the Supervisory Board of the Transported Asset Protection Association (EMEA).
Norman is also an Advisory Panel member for the upcoming SJUK Leaders in Security Conference which will take place at the Hilton Deansgate on Tuesday 16 July.