Transforming Security Industry
The transformation of the security business
I have been involved in this industry from 1988, passing trough most positions and task in both public and private fields, probably I have perspective enough to look back into the transformation of the security industry, from where are we coming…. And where we are pretending to arrive.
What means Security Business
For the purposes of this article, I will confine the concept of Security Business, to Companies providing Security and Intelligence Services, including Manned Services (security guards, security drivers, close protection officers), Intelligence Gather, Intelligence Analysis, Consulting, Training and Education, Cash-in-Transit and finally, International Security Services in high risk destinations such Iraq, Libya, Somalia, Nigeria, Brazil or Mexico to name a few samples.
Intentionally, I’m keeping out of the discussion, Fire detection and Domestic Security systems, the Cyber Security and the Homeland Security fields, not because those are not a big part of the business, but to be focused in a part of the industry under constant scrutiny and public discussion.
The old way
Probably the paradigm of this change has a name, Control Risks, the firm created in 1975 as a requirement of the Insurance Broker Hogg Robinson and leading the transformation of the high-end services, especially in the areas of Kidnap & Ransom prevention, Risk Management, and Crisis Support. We can argue about the model of business or evolution from the 70s to our days, but honestly speaking, Control Risks set up the new industry standards… and also created in me, a deep appetite for knowledge, progress, evolution, and excellence.
In the ’80s and ’90s, everything a customer was looking for, was a reliable firm, able to provide trained Human Resources in their facilities, supported by rudimentary electronic systems such volumetric detectors or analogically CCTV. However, was precisely at that time, that few firms were demanding more specialized services, with American and British customers, pulling the security companies to create new products and services.
Control Risks was the favorite firm for most organizations operating overseas, especially for those connected with Oil & Gas, Energy, Financial and Transport, however, they were not providing domestic services such manned guarding force, their target was always the top of the customers, following the Gauss Bell Curve, the High Performers, the small percentage of potential clients who are afforded a high-class service with a not small budget.
Hard to say that as Spanish professional, but in my country at that time, the security industry was barely crawling, the first company authorised by the government was Eulen, with the license number 0001 from the year 1975 if my memory still working good, however, the first timid incursion in the high-risk international services for Eulen, was in 2008 or so, clearly behind the British, American or French markets, and was requested support from a British firm for “logistic and operational” reasons.
The old way to managed the services at that time, was usually the utilisation of ex-military and intelligence officers, people with experience in real hot spots and boots on the ground, applying and adapting their skills to the corporate level, sometimes advising governments, training troops, supporting intelligence operations or negotiating during crisis involving kidnaps.
In a second layer, where the traditional security companies, delivering uniformed guards, installing electronic and physical devices and running the cash transport for financial institutions, banks, and other customers. Generally speaking, was a clear environment, the so-called “consulting firms”, provided high-end services, mostly in complex regions, and the “manned security” firms, covered the domestic aspects, such protection of corporate headquarters and eventually operational areas overseas.
The big step
Right after the Gulf War in 1991, the allied forces understood the need of permanent presence on the region, however is not economically sustainable a permanent military force deployed overseas, and most important, difficult to sell to the voters, so the Americans turned their heads to an old and long term collaborative friend, the military contractors, back to Korea War.
Later, with the Second Gulf War and the invasion of Iraq, in 2003, the “corporate soldiers” explosion touch base, however, I’m not interested in discussing the great job done by firms such Blackwater, Triple Canopy or Hart Security… but this element is important part of the equation, many businessmen, former Special Forces soldiers and some security firms, used this situation to jump into a lucrative business.
And here we are, with many organizations, NGO´s and firms, doing business in the Middle East, Colombia Brazil, Mexico, Somalia… and looking for a good partner to provide adequate security and intelligence support in this scenarios, suddenly we assisted to an explosion of new entrepreneurs fighting for the same pie of cake, I was one of them, so I have a piece of pretty good knowledge from inside.
Some of those new businessmen were forced to attack the market in solitaire because financial institutions, banks, and investors, were in some way skeptics about the Return of Investment, and never forget, this is about business.
But far to be seated waiting, some dynamic security firms took the decision to develop a new branch dedicated to deliver high quality services in complex environments to trusted customers, its the case of Garda in Canada or G4S in the UK, sadly to me, no one Spanish firm was able to invest the necessary resources, time, energy and professionals at this level, maybe because the Government and Intelligence Service (CNI) didn’t sympathize with the idea of Spanish citizens armed operating in those regions under a Spanish firm or involved in Intelligence and consulting activities to foreign actors.
In business, as in the life, the train is not passing twice, so they lost the shot and the leaders in the industry are British, French and American, with interesting exceptions from Norway, Sweden and Germany.
This is business
The international security business, follows the same rules than any other business, with special attention to Ethics, Due Diligence, Compliance and Finance, because we are working in territories with deficiencies of rule of law, inappropriate security forces, confusing laws about use of force, finance and many times, corruption, terrorism and organised crime linked with government officials.
Said that, one of the most interesting aspects of the Security and Intelligence business in the 21st Century, is the support we are providing to corporations, multinationals, NGO’s and Governments, in the areas of good practices, Compliance, Rule of Law and Security Sector Reform, alone or in association with supranational organisations such EU, OEA or UN.
The market is plenty of samples and several companies are running projects in collaboration with those supranational entities, or those agencies are the customers of top security firms such as the French Amarante or the British G4S to name a few.
Because is business, many big consulting groups are presently providing security and intelligence services, including big names such KMPG, and we have a new kind of professionals climbing to the top of the pole, the expert formed in the best Universities, Academic and Research Centres, with a Ph.D. under their arms, in specialties such Geopolitics, International Relations, Diplomacy or more technical stuff such Artificial Intelligence.
Well, many other firms are hiring this kind of experts, it’s not a specific phenomenon related to traditional consulting firms, but we have to be aware that only academic experts are not enough to provide a full range of security and intelligence services.
And here is my big question: how to confront the new pléyade of new firms and experts in the market? how to know you are hiring the right company for the right job… on budget?. Going forward, how to know if you need an expert in Risk Management and what is this in a world of Financial Risk, Corporate Risk, Project Risk, Cyber Risk and so on.
One of the basic concepts in Risk Management is deeply connected with the Lessons Learned, so apparently doesn’t have any sense to hire the new kid on the block, however, we have other factors, for example, maybe the company is new but the board members are former ¨something¨ or they have experience leading another group, so we are talking about people looking for a bigger part of the cake for them or… people unhappy or frustrated with the way to manage the business with their former employer or investors.
Another question to think about, is the operational experience, personally, I will never recommend the use of experts without operational background, if you need an embedded expert to prevent Money Laundry or Illegal Financial Activities, you must find a company able to provide you a consultant with real previous experience dealing with those situations for a government, law enforcement, intelligence or financial institution… or even coming from the dark side.
If your needs are oriented to resilience planning or crisis management, you need a person with years of experience in this environment, if your organization is looking for a Risk Manager, probably you will feel comfortable with a professional coming from the Corporate Risk, Anti-Terrorism or Intelligence fields.
Said that, this article is about transformation of the security industry, and the new global tendency, politics, media coverage, legal changes and constantly evolution of the crime, is creating a new company model, based in:
- Academic experts
- Intelligence Analyst and Operators
- Business Managers
- Operational Tactics Experts
- Technical experts
I’m calling this, the Pentagon of Security, where Business Managers are representing a key element, professionals with a solid security background and studies related to Security, Intelligence, Management, International Relations or similar issues.
The new business managers have deep knowledge in several disciplines because is difficult to sell something that you don’t understand (and believe me, the trick of “sale the pen” doesn’t work here).
We are assisting to a new transformation of the security business, build around those consultants and their skills, rather than in companies, they are becoming providers and auditors of security professional managers).
Those experts, have a wide knowledge of Intelligence, to analyze the threats and forecast potential situations affecting your customer, collecting information, analyzing and distributing to users during the full length of the project.
They are men and women with an operational past connected with military or law enforcement, able to present a hard solution based in physical security and kinetic response… and of course, with a foot on the future, learning the daily innovations connected with security and passion for the job, from the IT or Machine Learning applications, to a reasonable knowledge about Cybersecurity, Pentesting or ComSec.
I understand the difficulties to find consultants with all those requirements, the best security firms are hiring them because the market is very mature in terms of high-security services. For this reason, every day we have more companies in the industry fighting for the same piece of cake, but only a few resist the minimum analysis of quality and performance, I heard recently that someone is not happy with “X” company, because they still doing the same because is hiring people with same profile, I have to say two questions:
1st You can do the same for 40 years, but in a different way, with a continued evolution based on the lessons learned. The notes from the piano are the same from few centuries, but we passed from Mozart to Jerry Lee Lewis and then to Jean Michel-Jarre, different ways to apply the basic concepts, all of them brilliant and extraordinary, and adapted to their time.
2nd Sometimes, you don’t need to improve the core, the fundamental, just make it better and with new materials. The typical sample I´m presenting to customers is the wheel: still a circle from thousands of year, just materials, tubeless, processes to manufacturing and printing design, durability, speed supported and improvement or variations around the same… circle, because we didn’t found anything better yet.
Where are we going
As I said above, we are assisting to another step forward in the security industry, many governments have moved into a slippery terrain, transferring or sharing the prevention of the crime in the corporate field, one of the most common mechanisms used is the Compliance, in fact, a more regulated and extended law about the criminal responsibility of the juridical persons.
In this area, the Intelligence and the use of technologies are a mandatory tool if the customer is expecting good results, bordering the limits of the personal life of employees and the right to privacy…. but apparently the privacy is dead in the way we understood in the past and need to be defined again.
The security industry is not anymore a single point of view, neither an independent service, just opposite, our work has become a multidisciplinary activity, very demanding in terms of knowledge, regulations, and technology.
Only the companies who understand this path, will survive, only professionals updated their knowledge and open to new influences will provide the adequate level of quality to their organizations, and only the security organizations managed in those premises will be profitable at medium term.