This week we had a pleasure to have a discussion with Marko Cabric, Corporate Security Management Expert, Practitioner, Consultant, Lecturer, who has an impressive background, having worked with Israel Defense Forces, Israel Airport Authority, Embassy of Japan or leading Serbian bank, to name a few – who kindly provided us with some interesting insights into Corporate Security Trends nowadays and also touched on some items which many of us are not perhaps fully aware of. Read on – transcript of our conversation below:
First and foremost, because you worked both in the private sector and public sector: what would you say are the greatest differences, or challenges, in working for a government employer and a private, when it comes to providing security?
Marko Cabric– For the government, security is a core business aspect – meaning you focus on mitigating security risks. When you work for a cooperation – the main goal is profit. The mindset of someone who works in for a governmental organization is very different from someone working in the private sector. In government institutions you try to mitigate all the risks, meaning risks is something that you stop. In contrast, corporations need risk in order to profit, meaning risk and profit are closely connected. When a security officer transfer from a governmental institution to a private, he tries to stop your company from taking risks – and your company needs to take risks in order to profit. So, you need to change your mind-set and instead help your company take risks.
Now, companies usually look at risk as different concepts, and is also something that different departments handle. For instance, you have financial risk, you have operational risk and you have security risks. Meaning you have one person that deals with financial risk, and another that deals with security risk, and one that handle operational risk, and so on. Often these different parts do not communicate very well, I can also say that in corporations – the ones that deal with financial risk are the big guys. Security is, unfortunately, one of the smaller aspects of risks. But in my opinion corporations should work more at assessing risks as a whole.
Could you give an example of how corporations can work towards that end?
Marko Cabric: Take the hotel industry as an example. Perhaps you are familiar with Maslow’s human needs pyramid? First you have the basic needs and then more luxury things. Security is a basic need, but somehow hotels always miss the security aspect – meaning they will advertise luxury, food, ocean view etc. but not security, which is definitely one of the core parts. If you take the example of Marriott hotels: they have suffered three devastating attacks in the last few years, but if you Google Marriott hotels you will not find anything about Marriott improving their security. They likely did, but they will not advertise it in any way, they do not mention security on their website.
Is that to do with the tradition within the security business, of working without being seen? Would you say there is a need for a change, and that corporations should start using security in their PR?
Marko Cabric – Yes, actually, I’m writing a book where I study the sales and marketing potential of security, and it is clear that security can add value to your product. Let me give you an example from my carrier – Philip Morris International. When I worked for their East Europe division, we had almost daily robberies, meaning the company was suffering extreme losses. Then we introduced a system, where one of the elements included security vehicles escorting the deliveries. This gave results, meaning the robberies basically stopped. But what I was surprised about at the time, was that the sales actually increased with some 20-30 %. When the costumers saw that the gods were escorted by security vehicles, they got the feeling that the product was valuable. Even though the price in the stores was the same, they knew that Philip Morris had security escorts for their products – meaning the value was higher. So security clearly adds value to the product. Philip Morris actually continued to use security escorts after, more as a sales tool than there being any actual need to protect the product.
Do you think this can be transferred to, for instance, the hotel industry? That staying at a hotel where you know a lot of security measures are in place adds value? Or perhaps working for an employer that can provide added security?
Marko Cabric: Yes, Cornell University did a study on hotel security and found that some 80 % of costumers wouldn’t mind paying for more security measures. Unfortunately, hotels are still not using the benefit they could extract from security. If you would advertise security you could also add value. Let’s take the tourism industry in Tunisia as an example: the tourism dropped dramatically after the attacks. What is the hotel industry did, was that they lowered the prices. But guests know that price and security is somehow connected, meaning the lower the price the more risk they take on themselves.
So that old notion within the travel industry, that if you are open about security, you would scare away travellers, is not necessarily true.
Marko Cabric: No, and I’ll tell you another example – I was working in Kenya, after several terrorist attacks occurred. The tourism industry was loosing costumers, and naturally they wanted to strengthen their security. So they ask me “How can we improve our security in a way that our guests don’t notice it.” But I said, guys – you have completely misunderstood. One thing is security, another thing is the feeling of security, and they are not always the same concept. But if you want to change something, you have to address both, the security and the feeling of security. And if you want to attract guests, you especially have to improve the feeling of security – you therefore need to advertise security.
Are there new challenges that are becoming more important when it comes to corporate security?
Marko Cabric: Nowadays companies are always trying to find new ways for reaching clients, and you are more and more going to emerging markets. But the emerging markets are not very stable, so of course the companies are taking a financial risk to invest in these kinds of countries, as well as taking greater security risk. Terrorist organizations in a lot of these countries are also finding new and innovative ways of funding, for instance kidnapping for ransom. That is a very good source of income, and new companies in these regions are not yet able to mitigate these risks. Security within corporations is still, as we said before, quite a marginalised area. But it is necessary for companies to protect their employees and the company in emerging markets. Another change is in how terrorist organizations work: before they were planning big scale attacks against governmental institutions, meaning infrastructure, government buildings and so on. But now, for instance IS, is realising – we don’t need to attack homeland targets, we can attack corporate targets. We can attack nightclubs, supermarkets, whatever. And that actually gives a better return than attacking embassies etc. First of all, the security is much lower – so there is a better change of penetrating, second – they are all civilians. This development means that, more and more the fight against terrorism is on the corporation’s desk, rather than on homeland security organisations. Which of course present a new challenge to companies.
picture: Omer Unlu, Flickr