The unprecedented has taken our attention away from the precedented in terms of ensuring the operational resiliency of our businesses and it’s important that companies realize this.
Coronavirus stress-tested crisis management and business resilience strategies in new ways, but firms must remember to defend against established and existing threats such as those posed by terrorism. Sadly, we have seen the recent terrorist incidents in the United Kingdom where a Member of Parliament was murdered by an attacker armed with a knife in October, and in November, a suicide bomber activated his bomb on the grounds of a hospital in Liverpool.
Due to the frequency and seriousness of these events, the UK Government has moved the UK terrorism threat level from substantial to severe, which means an attack is highly likely.
Both instances alongside other terrorist events across the globe such as the terrorist explosions in Uganda show that there is still a clear and present danger to our societies from people intent on causing harm and destruction to further their political, social or religious cause.
Business leaders have put huge efforts into future-proofing their companies for the post pandemic world, so it makes sense to simultaneously ensure that their ability to operate and keep staff safe during unwanted events, such as terrorist incidents, is just as robust.
Understanding the Threat
For business leaders tasked with ensuring safety within their organizations, marauding terrorist attacks and mass casualty events are some of the worst imaginable and complex scenarios for which to prepare.
As these events continue to grow in scope, intensity, and frequency, they are becoming a greater concern for organizations and yet, many companies see such events as unpredictable and beyond their ability to address in any meaningful way.
This assertion could not be further from the truth, firms must understand the types of threat that they are exposed to, even indirectly, and assess their vulnerability to such attacks. A terrorist attack could involve firearms, but we have also seen other weapons used such as knives and vehicles, as tools to inflict chaos, death, and injuries in locations such as Berlin, Nice and London.
Many of the most recent terrorist events have been committed increasingly by so-called ideologically radicalized lone wolf assailants, or small groups of both men and women inspired to act, rather than being directed or guided by larger global terrorist organizations.
With unfathomable amounts of digital communication, the radicalization of employees is a rising threat for companies, as was witnessed in the 2015 attack on the Inland Regional Center in San Bernardino, California.
In a terror related incident, a company may have to lockdown their building, or if they are in a large multi-tenanted building, the building management team will likely lock the whole building down, denying exit or entry to any persons. Colleagues may be trapped in unfamiliar surroundings and buildings, due to the instructions of the emergency services as the terrorist threat may still be active and employees may be stranded either inside or outside security cordons.
A Global Issue
The pandemic may have acted as a suppression for some terror attacks on soft targets, yet as the world emerges from the coronavirus crisis, it is vital for companies to reach into their collective memories to recall the types of external issues they faced pre- COVID-19.
As of recent, security authorities in the United States have issued such warnings, urging people to remember that while there is discernible progress in tackling the pandemic, there are still evolving terrorist threats.
Some commentators also perceive cyber-attacks as potential terrorism, and these attacks can be state sponsored. These cyber-attacks can be on individual companies, often targeting data, denial of services, or targeting critical national infrastructure.
Regardless of the threat, or the source of it, such as state backed, from a recognized terror group, or lone wolf attacks, firms should ensure that they are as prepared as they can be for the variety of issues that could impact their business and potentially harm their employees.
Nobody is expecting any firm to fully mitigate every potential incident. Organizations can be expected to conduct a risk and vulnerability assessment describing the likelihood of a terrorist attack alongside reasonable plans to deal with the likeliest business impact of such events and a business continuity or resilience plan if the firm were impacted. For example, looking back to the devastation caused across the UK regarding vehicle-borne explosive devices.
Preparedness for these types of threats means simply enhancing and augmenting existing crisis management and business continuity plans and mechanisms that companies already have in place.
It’s important to also understand the risks associated with international travel, especially to countries with an enhanced threat environment or conflict as a result of terrorist activity. Safe travel planning and travel risk assessments are important tools in supporting employees engaged in international business operations.
Our advice to business leaders is to act sooner, rather than later, as being prepared isn’t about acting after an incident, it’s about being ready in advance of it. If organizations are interested in learning how Kroll can support you, please contact one of our Security Risk Management regional leaders.