A Conversation on Company Crisis Preparedness with former Boston Police Commissioner Ed Davis
Every business leader thinks and rethinks their business strategy, weighing the strengths, analyzing the weaknesses, pondering the opportunities and scrutinizing the threats. But when it comes to a company crisis, how many are applying that same due diligence to the protection of their brand, the safety of their people, and the security of their assets?
Former Boston Police Commissioner Ed Davis says that paying attention to security challenges— before a crisis—should be a priority for every business leader.
Denterlein Vice President Jill Reilly recently sat down with former Boston Police Commissioner to discuss today’s security challenges and his thoughts on mitigating them.
No stranger to complex security matters, having guided the City of Boston through the Marathon bombing and dozens of other events, Davis emphasized that preparedness is key to keeping an organization’s people and assets safe. He also stressed that a critical piece of being prepared is to integrate crisis communications into your crisis management plan.
Reilly: In your role as Boston Police Commissioner you managed some very high-profile events – the Boston Marathon bombing and six professional sports championship celebrations, just to name a few. Now you are applying that experience as a security consultant. What are the security challenges that you see organizations face?
Commissioner Davis: What we have seen across our broad spectrum of clients—which range from large entertainment venues to universities to sporting facilities to large corporations—is very consistent.
The threats may be diverse, but the concern is not. They all ask, “How do we best protect our people and our assets?”
Reilly: Given the times in which we live, I’d suspect that many organizations are concerned with terrorism and how that might impact their operations. But what are some of the other threats that may keep the C-suite up at night?
Commissioner Davis: Of course, terrorist acts are a serious concern and we work with entities on minimizing those risks. But something else is very clear and more universal.
Whether organizations are dealing with workplace violence, computer intrusions, intellectual property theft, sexual assault, mass shootings, industrial espionage, or financial malfeasance, there is a common thread.
From my experience, that common thread is the emerging insider threat. It is clear that employees, perhaps a company’s biggest asset, may also be their biggest liability.
We are working with one global corporation with safety issues in a plant in Southwest Asia. There was a violent incident committed by one employee on another. The attacker was arrested and, it seemed, case closed. However, the employees in the plant complained about purse thefts, violence and aggressive behavior by the security staff.
The cracks exposed by the violent attack were a shock to the company’s leadership. It is critical to know your people.
Reilly: These seem like intractable problems. How do you go about addressing them?
Commissioner Davis: We have seen a gradual shift from outside attacks to the issue of the threat from within.
With strategic and tailored crisis planning, training, cyber security threat assessments, policy review and development—workplace violence and other internal crises caused by an insider, can be effectively managed.
We are working with one client now that hired an individual without doing the due diligence required. The individual, while well-liked and talented in his field, committed a crime outside of the workplace.
The incident, which made the news, had a very detrimental impact on the organization’s reputation. They did not think that their employees were an issue. It’s important to select a talented team that brings deep, relevant security experience to each organization’s individual needs, with a focus on practical solutions for an increasingly dangerous world.
Our team of former and current federal, state and local law enforcement, military officials, researchers, and attorneys is comprised of national and international security, investigative and technology experts. We tap into that deep experience and expertise to create customized, technology-driven strategies to inform, empower and prepare organizations to handle security issues, of every complexity.
Risk management assessments are a key. It is important to identify and evaluate gaps, potential risk factors and hazards specific to an organization’s day-to-day operation and provide recommendations to improve information security decisions for the elimination and/or the minimization of risk. It is equally important to evaluate and test your policies, practices, and systems at regular intervals to ensure you are optimally protected.
— Boston Police Dept. (@bostonpolice) April 18, 2017
Reilly: We often see the intersection of communications and crisis incident response. How important do you think it is to blend a crisis response plan with a communications plan?
Commissioner Davis: We work with many of our clients on developing a customized program for crisis response.
We ensure that they are prepared by emphasizing situational awareness, and providing practical steps that employees and other members of the organization’s community can use before, during, and after a crisis. A critical piece of this work and protecting an organization’s reputation is crisis communications.
Reilly: When issues erupt that can impact employees, customers, the community, as well as an organization’s reputation, having a crisis communications plan in place, along with the right individuals to implement it, makes a huge difference.
Prepared organizations need to develop a separate communications strategy and with it a dedicated team to assess the situation. The team can evaluate the risks, review the facts, identify the key stakeholders, and can put the organization in the position of telling their story in their own way.
— Boston Police Dept. (@bostonpolice) April 17, 2017