Forging relationships in local communities can bring an enhanced understanding of on-the-ground threats and help pre-empt security incidents.
Preventing a security incident from occurring is preferable to responding to the consequences after it has materialized. But too often security operations, whether conducted by the military, police or commercial providers, are reactive. Typically, this is due to a combination of finite resources, misdirected planning and inadequate intelligence.
It will never be possible to neutralize all threats before they occur, but maximising security managers’ situational awareness by improving their access to information can lead to an enhanced understanding of on-the-ground threats, which can then be pre-emptively addressed.
Successful security managers know the value of actionable intelligence; demand for commercial risk intelligence services such as A2 Global is testament to this. But security managers should augment such reporting by cultivating multiple information channels specific to their immediate operating environments in order to deliver a holistic intelligence picture.
Most professionals do this (knowingly or unknowingly) through network building and informal relationships. But formalising a collection strategy and actively developing communication channels, both within and outside an organization, can dramatically increase the information a security manager has access to and so their ability to address the threats their organisation faces.
‘For security managers who have identified the presence of such threats at their facilities, improving local intelligence should be a key priority’
For many businesses, particularly those not situated in high-profile locations in major cities, the most significant security threats emanate from their local environment. This may include crime perpetrated by local individuals and gangs; inter-communal violence in which a facility is exposed to unrest and vandalism; and insider threats such as fraud, theft and corruption perpetrated or facilitated by employees. For security managers who have identified the presence of such threats at their facilities, improving local intelligence should be a key priority.
Effective security requires depth; therefore, an effective security programme should extend beyond a facility’s perimeter fence. Information gathering is a prime example of this. One Allan & Associates consultant recalls an incident during the 2011 London riots in which staff at a branch of a large high street chain learned through personal contacts of potential violence several hours before local security deteriorated. The employees informed local management who passed the information on to the organisation’s head office. The information was assessed as credible and the branch closed early, with its doors and windows boarded up. The branch avoided potentially serious losses while neighbouring businesses were subjected to vandalism and looting.
Engaging a local network
Replicating such an information flow presents obvious value to security managers. To do so a network must be developed that has both the inclination and means to share potentially sensitive information. This network should include security and non-security employees, local law enforcement and members of the local community.
Organisations considering developing their local intelligence capacity must not approach it as an exercise in cultivating clandestine sources. Doing so will rapidly result in serious ethical, legal and reputational concerns. Instead, a security-related training and outreach programme should be approached as a way of building the organisation’s stature and trust within its local community, which will in turn provide enhanced situational awareness through information sharing. This applies both to encouraging employees to share information gained through their informal networks and encouraging outside stakeholders to engage with formal reporting schemes.
Security managers, particularly at large organisations, typically maintain contacts with local law enforcement and this can be an excellent way of gaining access to information. But too often such interactions occur on an ad hoc basis and are limited in scope and regularity. Liaisons with local law enforcement should be formalised and security managers should request regular meetings with clear agendas, the outcomes of which should be included in regular reviews of security policy.
As far as is possible, direct lines of communication should be maintained between an organisation’s personnel and members of the local law enforcement agency. Such interactions should not be restricted to security personnel but also include senior executives who should be encouraged to actively participate in security-related outreach.
Local law enforcement is rarely the only valuable source of on-the-ground information and in some instances agencies may be less informed or less willing to engage than other community structures.
Engagement with local community, business and religious groups, for example, can be an excellent way of developing positive community relations, which in turn encourages the sharing of information. Contacts with other local businesses, particularly those with dedicated security teams, should also be maintained.
There are two broad channels through which security managers can pursue such engagement. Local conditions, existing networks and the resources available to a security team will dictate the most appropriate channel to pursue, but it is likely a combination of both will be optimal.
The first is through regular forums and workshops explicitly intended to share security related information and best practice. Forums can include a broad range of stake-holders and participants from the local community and security managers have the opportunity to take a leadership role. It is, however, essential to consider existing inter-communal relations when establishing such forums. Distrust of local police, for example, could impede frank discussion if law enforcement agencies are present.
The second channel is through other existing outreach programmes to which a security element can be incorporated, either formally or informally. Many companies operate corporate social responsibility programmes or support local sports and social clubs, for example, and information sharing can also be promoted through their activities and among their memberships.
It is important to note, communication through both channels must go two ways to ensure effective engagement - security managers should use these networks to disseminate security related information and advice as well as collect it. Delivering security awareness and personal security training may offer a means of developing ‘buy in’ from community groups, while also furthering the security interests of the organisation.
Such training should not be delivered in isolation but be designed to complement existing security procedures, employee training and employee reporting procedures. Community members trained to identify potential security threats are more likely to have the confidence to report concerns, either to the police or to a corporate security team.
Whistleblower schemes are a well-established and effective method for employees to report criminal activity, typically insider crime like fraud and corruption. In most cases their effectiveness relies on their anonymity and accessibility, which requires them to be well-publicised and secure. But whistleblower-style reporting schemes can also be broadened to enable reporting of wider security threats such as protests, communal unrest and crime.
In many cases it may also be effective to broaden access to whistleblower schemes to community groups and other members of the public, and these schemes can be promoted through an organisation’s engagement networks. Such schemes are most likely to be effective when an organisation’s primary security threats emanate from the local community and the organisation’s outreach has successfully established ‘buy in’ from segments of that community.
Security threats emanating from the local environment invariably leave locally observable indicators, some very subtle, others less so; examples include: unusual surveillance activity during the planning of a robbery; the build-up of tensions prior to community conflict; or unexplained displays of wealth by employees engaged in corruption or fraud. Security managers should cultivate information channels that give them access to such granular information.
Locally acquired security information should not be used in isolation and almost always needs to be assessed in the context of the broader intelligence picture. But by effectively utilising localised intelligence networks and routinely incorporating locally acquired information into ongoing intelligence and risk assessments, security managers will improve their situational awareness and be better equipped to design security policies appropriate for local conditions. They may also, perhaps pre-emptively address an impending security incident, rather than reacting to its consequences.