Has the security profession stepped up to the challenge?
A review of the changes to the security sector over the past ten years, today’s realities and predictions for the next decade – revealing the multi-faceted challenges faced by those in the security workforce.
When asked by City Security magazine ten years ago what the role of front-line security officers would be in the future, – our comment was “they will be the people with the screwdriver”. Whilst not entirely the situation now, our concept was based on decreasing budgets for people services, increased technology deployment and higher pay demands from workers in non-technical roles.
The reality today is we have a decreasing pool of people attracted to private sector security, many that are recruited are not interested in day/night shift working, and private security suffers from a poor reputation for the entry role of the security officer. Follow ‘Violence Against Security’ or ‘Working the Doors’ on Twitter or Instagram, and you’ll witness how they capture the acts of violence that security workers are subjected to in day-to-day activities, including grievous assault and being run over by criminals.
Over the last three years, technology providers of security systems have rolled out enhanced solutions driven by clients, who have been actively recruiting an engineering interface between the supplier and themselves. Remuneration for in-house roles has added 25% to basic engineer salaries, with benefits not matched in the industry. There are few open vacancies in security technology at just one in fifteen.
UK employment statistics from the Office of National Statistics show record lows in unemployment with nearly 30 million people in work. From a population of 67 million, two million of working age are unable to do so due to long-term illness.
Furthermore, millions of people have withdrawn from work due to early retirement or are not reliant on an earned income. This has led to one million vacancies currently. More than 50,000 of these are cyber protection roles.
In 2012, Director Yasmeen Stratton implored those at a Chief Security Officer level to upskill their teams to gear up for the emergence of cyber criminals, to invest in protecting their corporations, staff and customers.
Many in the security executive did not rise to the occasion, leaving an opportunity for a cyber land grab from IT, supported by the executive board, as they had little idea as to what their security executive could deliver. Ten years later we see global corporations investing in holistic security solutions to combat online fraudsters, and inept and deceitful employees.
During the pandemic, many physical security managers and executives came to the fore, flexing resources, developing strategies – though not always fully supported by senior management (due, in the main, to their non-interest) – but we now have a group of committed security risk managers who proved to be excellent in planning and execution.
The next decade
Unplanned events, people-driven or caused by climate change, will increase in their severity over the next ten years. Single-theme activism catches the board’s attention as they worry about reputational damage but there should be more concern about how staff are affected, some will have empathy with the protesters.
Proactive corporate security departments mitigate such threats, with geopolitical appraisal, know-your-customer analysis and adherence to global standards. This approach should be part of the organisation’s post-sale oversight process for the goods and services they sell.
There have been countless cases of third-party suppliers allowing systems at the heart of an organisation to be compromised and this remains a major threat. However, we are now seeing organisations recruit and invest in greater digital gatekeeper protection.
KuppingerCole research indicates that the passwordless authentication market is growing rapidly and will reach over 6 billion USD by 2025.
The cybersecurity workforce has reached an all-time high, with nearly five million professionals employed, but there’s still a global shortage of over three million workers in this field, according to the 2022 (ISC)2 Cybersecurity Workforce Study.
In October, the US Attorney’s office found against Joe Sullivan, former UBER CSO, that he hid details of a 2016 hack that stole more than 57 million people’s information to protect Uber’s reputation and his own. He eventually informed then-CEO Travis Kalanick of the breach and paid the hackers US$100,000 in bitcoin.
One of the themes during the trial was how concerned organisations should be if they have not war-gamed the big challenges. Often this is because their security management do not have the creditability to deliver this to the Executive Board.
The next big thing in the security management portfolio is the imperative for it to become a stakeholder in the Environment, Social and Governance (ESG) agenda. This is a multi-faceted initiative often with traction for both shareholder activists and Generations Y&Z both as consumers and work colleagues.
The danger here is our B2B customers not sharing our corporate values, and our concerns with the organisation’s impact on the planet on society, and about how the organisation is governed. Is the organisation able to be transparent about all its dealings?
Within ESG, there is much that fits the progressive security department, but are they up for challenging the norms? Can they deliver the intelligence and advice the corporation requires not to fall on the ESG sword?
Peter J French MBE
Chief Executive, SSR® Personnel
For more articles on how to develop your career in security, see our Security Careers Category.
For more articles from Peter French