Sir - I very much enjoyed the recent Security Industry Authority (SIA) Breakfast Briefing at Centre Point in London (‘Regulation "must be policed", states CBI boss', News Update, SMT, December 2005, p7), and firmly believe it is now high time we progressed some of the critical issues discussed on the day.

Many of us have preached for years that security ought to be part of the capillary system of any corporate environment. At the Breakfast Briefing, Sir Digby Jones - director general of the Confederation of British Industry - suggested that: "Security must be ingrained in the DNA of every part of every business". He's exactly right.

Security guarding and investigating are but very small tips of the corporate security iceberg. A full and effective corporate security strategy must include many issues: physical protection, the protection of people, information security, business continuity management, threat and risk assessment. The list is long. Not only are these areas of activity unregulated (and perhaps they cannot be regulated) but, more critically perhaps, such comprehensive strategies are often totally absent from individual British businesses.

It is tempting - and sometimes correct - to lay the blame for any absence of an effective corporate security strategy on the local director of security, citing his or her lack of persuasive internal marketing skills. However, that's not enough. All-too-often the cultural perception of the chief executive and the Board - which is shared across ‘CEO-dom' - lacks any kind of rudimentary understanding of what security and risk management might provide in support of the bottom line in their companies.

At The Security Institute (TSI), we feel there is an urgent need to create a dedicated Forum for discussions at a senior level between the Institute and senior representatives from members of the CBI. Indeed, I have written to Sir Digby Jones with that suggestion in mind.

There may be scope for a two-hour meeting, repeated on a six-monthly basis, at which chief executives from CBI member companies could tell six senior corporate security directors (all of them TSI members) in no uncertain terms what they want from the security or risk management functions in their organisations. TSI would then respond by spreading the message and pinpointing synergies that may be exploited.

It is very often the case that CEOs are sitting on security and risk management resources they simply do not exploit.

Bill Wyllie CPP FSyI, Chairman, The Security Institute

Source

SMT