In one of my previous articles, I wrote about the advantages and disadvantages of an in-house Security Manager as part of a household staff, compared to out-sourcing the requirement. Since then, we have received numerous emails and requests for a less ‘black and white’ solution, which does of course exist. The question is, how can a family begin to increase their security and safety without hiring in additional security staff, and without using a security contractor? The answer is simple – through training. Let me explain.
We all see the news, receive updates on our smartphones, and are increasingly affected by global events which, even twenty years ago, would have seemed too distant to be of interest. This has a dramatic impact not only on our personal lives but our work environments also. I recently attended a forum in London to discuss upcoming changes around government legislation for counter-terrorism measures to be adopted by large businesses. Specifically, the focus was on how organisations of all sizes need to begin moving the focus in security and business continuity from purely digital computer based attacks, to a more balanced viewpoint which considers physical security as much as it does cyber. It is in our nature to divert attention to the ‘next big thing’ and whilst I am not for one-minute suggesting that the cyber threat is not real, I firmly believe that those who act with malicious intent will exploit any weakness we present them. When the British Army became fully engaged in Afghanistan, millions were spent developing the latest counter-measures to protect our troops. These were highly effective, against a specific threat. And this is the problem – those we were fighting were versatile, adaptable and intelligent. The solution to our advances in technology was simply to take a step back, and practice more rudimentary tactics. It was not long before our state of the art equipment served only as additional weight to carry.
Businesses are now facing a similar dilemma, having invested huge sums of money to improve their ‘cyber security’, but with offices readily available to anyone wishing to enter because “the security guard is becoming obsolete”. My question would be this;
If one of your employees happened to see a smart looking USB stick on the floor of the elevator, or even at the canteen area in the office, which was labelled with your company logo, how many of them would put the device into their computer – probably with the good intention of finding the owner?
The issue here is twofold. On one hand the physical security of the premises has been infiltrated allowing someone to gain entry to areas they simply should not have access. The second is staff awareness of the potential threats and tactics used by those wishing to inflict damage. We work closely with organisations to develop these measures and foster a more robust culture of security. By delivering awareness training to staff and demonstrating the tactics and methods used by terrorist groups, organised crime rings and lone attackers we can prepare them for what to expect if an incident does take place, and importantly we can teach them how to act.
This is equally true for households and families who currently employ staff, in any capacity. One challenge we are often presented is, “we are not important or famous enough to require bodyguards”. This common perception is difficult to shake, and we would be the first to highlight the many issues of employing a ‘bodyguard’ in the true sense of the word. What we believe is that everybody should have access to relevant levels of security in the workplace and at home. The greater the target, the greater the threat to consider. By using the scenario above, we could replace office with house, and employee with catering staff. We end up with a particularly daunting prospect of a family’s private space being infiltrated by an outsider, both digitally and physically. The aim may be to capture financial information such as bank details or record planned movements for a future kidnap attempt. It may be for surveillance means or to conduct corporate espionage.
The point here is that without adequate, appropriate training, those who work for us can pose a very direct risk. Several security consultancies, including ourselves, provide this training to large corporate organisations in the UK and overseas. At the most fundamental level is basic security awareness training which covers topics such as the importance of checking ID, locking doors, incident muster point locations, computer security and many more. At the other end of the spectrum is more advanced, specialist training tailored to specific requirements. As an example, we are currently engaged with companies wishing to expand their markets into Africa, and we will soon be taking them through hostile environment awareness training courses (HEAT) to better prepare them for the diverse threats they will likely face. This involves intensive theoretical and practical learning covering cultural differences, communication, local and geographical threat profiles, actions to take in an ambush and how to survive kidnap. Not many of these consultancies work in the private family sector but we view a family office much like a business and believe that similar offerings should be in place.
A basic security awareness course delivered to household staff need not involve arduous physical exercises and intensive week long training (although it may, depending on the situation). Generally, we cover the following key areas, providing enough information to make a truly positive impact on the family, but without trying to create a security professional:
– Threat and vulnerability assessment
– Common tactics and procedures
– Conflict management
– Digital and cyber safety
– Emergency and Paediatric First Aid (accredited)
– Environmental awareness
– Communication skills
All training should be bespoke and fit for purpose, which is why we do not use template solutions or simply deliver any similar existing qualifications. The benefits of providing learning to household staff far outweigh the negatives and in an increasingly competitive market, learning and development is a factor which should be considered. Companies place huge emphasis on the development of people, and it is in our nature to strive for improvement. My original question was whether there is another solution to the in-house or out-sourced security issue. In my opinion, training existing family office staff to better deal with matters of security and to foster a culture of safety within a household will go a long way to bridge this gap. By increasing staff awareness of key issues and arming them with the means to identify and protect, we are not only increasing our effective personal safety, but also making them a far more valuable asset in the process.