To SeMS or not to SeMs, that is the question

With the ever changing landscape from terrorism the security industry has in the past been a reactive industry. It is changing and the industry is learning that whilst there will always be a reaction to an action the security industry has been changing its approach and becoming more proactive by employing a preventative approach in terms of tactics and strategy. Security cannot be achieved by the reliance on police or security providers in isolation. It has to involve everyone, there has to be collaboration, integration and a sharing of the responsibility.

The recent events of Manchester, London Bridge have shown everyone the power of the community and the power of agencies working together, the dreadful fire at the Grenfell Tower Block, Notting Hill, London has echoed and evidenced the power of a community working together.

However, the challenges for each entity to engage in the process is to set aside position, status or importance.  History has shown, like it or not, entities along with individuals will see themselves as more important than others, power struggles. We have all seen this in our own employment environment, this itself can be the inhibitor preventing engagement and positive outcomes, there has to be dialogue and positive exchange via negotiation understanding each other’s business and issues.

If we consider all the above incidents it doesn’t take too long for soul searching and probing questions to emerge, with the introduction of social media the public are more informed and more aware. It is inevitable that there will be accusations, speculation, media hype and sensational reporting, the power of social media can be overwhelming. As with any event there will always be follow up questions and unfortunately again history shows that issues or problems had previously been identified but no action taken.  Security or police will never have all the answers and there will be mistakes and things will get missed, however, if it can be shown that entities either by working together or alone using a systematic approach to security, with programmes and processes it will minimise the negative outcome.

The difference between risk management and crisis management is that with risk management the risk is identified and mitigated, there is time to study, research and discuss. A partnership approach working jointly can assist with the outcome. Conversely unlike with a crisis there is no time to research, study or debate, it requires quick decision making, decision making built upon experience and training.

This is why I view the systematic approach and ethos of SeMS plays its part in addressing both Risk management and Crisis management. My colleagues Andrew McClumpha and Andy Blackwell are champions of SeMS and I applaud the work they have done. I am sure there are parties who will question, “Why should I practise SeMS? we do this anyway.” As far as the aviation sector is concerned the suggestion is that airports will have to supply their collected data on processes and procedures to the CAA who will study and provide direction of compliance or areas of vulnerability.  I understand the point of view from colleagues working in airports who have to collect and supply this data for another to view, which can be seen as an efficiency saving for the CAA in terms of time, money and resource, devolving the responsibility to airports which will be an additional expense to the airport.

However, I would define SeMS as a systematic provider, in today’s environment the collection of data is part of the day to day business, the recording and analysis of data is to ensure vulnerable as well as efficient and effective areas are identified.  Providing that data to another is part of the collaboration and integration. Identifying and nominating roles and responsibility providing accountability leading to team work and discussion where each department works in harmony with the other.

Although I am not a practitioner of SeMS and I have never been involved in teaching SeMS however, I am a practitioner of intelligence gathering, process and procedure and evidencing those processes and although I understand the collection of data, check points and the assimilation of data may take time I am confident that most entities already have the process and procedures in place and the data to support the outcomes and processes. What they may not have is the set areas and position of ownership and responsibility clearly defined.

My observations and opinion is that SeMS does this, it clarifies what is required and by whom. It also teaches and installs, reaffirms the security culture and it is the security culture that will benefit the entity. The security culture is what should be the priority. Introducing and operating under SeMS multi agencies working together each adopting the SeSM principle will allow for the same outcome.

SeMS lays out the 10 areas for an effective security culture:

1. Management Commitment
2. Threat and Risk Management 
3. Accountability and Responsibilities
4. Resources 
5. Performance Monitoring assessment and reporting 
6. Incident Response
7. Management of Change
8. Continuous Improvement
9. Training and Education
10. Communication

They will enable each entity to work in unison, all can work towards mitigating risk and threat, training will prepare those for a crisis and operating during a crisis.

I cast my mind back to my own experience of that being a specialist firearms officer, an SFO, dealing with armed subjects, hostage situations, ambush and raid tactics. Why were we so good? Like all special forces, it is built on trust, training and a methodical approach, planning and preparation, each team member knowing their responsibility via a structure of responsibility and accountability, investment in selection and training, the team being fluid to fill in and assist each other as positions changed during live operations, the momentum being allowed to flow even when under pressure and when things went wrong or not according to plan being able to adapt quickly to the changing situation. The areas of SeMS mirrored in everything we did and way before SeMS was even thought about.

SeMS may be the new kid on the block but in reality SeMS is being practised, it is now being more formalised and I recognise the value from my own experience.

So my advice would be to embrace SeMS, its more than just data collection, you may find it is the glue required to bring your own entity and that of others together building and working as a team, providing the security culture and direction to work together understanding each other’s role, responsibility and accountability of each person from the top down. Providing the seamless approach, negating and minimising the risk and threat, above all allowing for open, honest debate and avoiding far reaching probing questions after an event.

The only threat to SeMS apart from cost is the appetite to change the mind-set and integrating some potentially desperate processes. Some individuals may still wish to run the risk of not spending on security, we all understand that there is not a bottomless pit of money, ultimately the customer pays, what SeMS should do is evidence the flow of information and provide accountability which in turn may make it more difficult for some to turn a blind eye and lean towards risk. To those who still wish to run the gauntlet of risk, I say look at history.  Manage your risk through a proactive, processes and procedure that is evidence based, built on history and best practise with accountability, responsibility, investment in training and constant review. Maintaining continuous improvement with the investment in the SeMS principles. 

To quote a phrase from a colleague:

“Change at first is messy, but satisfying in the end”.