Companies Examine Capitol Riot for Security Lessons
The siege is forcing organizations to pay closer attention to property and personnel risks, risk management experts say
By Jack Hagel
Companies are adjusting security strategies and reviewing personnel policies in the wake of this week’s deadly riot at the U.S. Capitol in Washington.
The most obvious takeaway from Wednesday’s violence: Companies need to better monitor and manage risks posed to corporate premises, particularly as physical threats have risen over the past year. If the Capitol—possibly one of the nation’s most fortified buildings—can be overtaken, then it is likely companies have some work to do, risk managers say.
“If I’m a CEO today, I’d better have my corporate security officer in my office,” said Mark Beasley, director of the Enterprise Risk Management Initiative at North Carolina State University, which examines corporate risk strategies.
Companies are expected to study the riot, during which a mob of President Trump’s supporters overtook police to infiltrate the building that houses the U.S. Congress, for lessons on preparedness. They will also see it as a sign that violence could be more likely to arrive at corporate doorsteps, Mr. Beasley said. The upheaval could be seen as a touchpoint for copycat events targeting storefronts, headquarters or factories.
“Mob attacks could come at a brand,” Mr. Beasley said. “Every entity ought to be thinking: ‘Could our walls be scaled? Could there be enough anger against my product that that kind of breach could occur?’ ”
Sixty-nine percent of executives saw a dramatic increase in physical threat activity against their companies last year, according to a survey released in December by the Ontic Center for Protective Intelligence, a research arm of Austin, Texas-based software company Ontic Technologies Inc.
Organizations should consider developing and reviewing policies and offering training to prepare employees for risks such as intrusions from protesters or active shooters, according to executives at Navex Global Inc., a Lake Oswego, Ore.-based risk and compliance software company.
Some of those threats could be amplified as more companies respond to Wednesday’s riot, according to risk management experts. Several companies have moved to distance themselves from President Trump and his supporters. Such decisions could make companies targets of physical threats, the experts say.
Companies that sit on the sidelines also may face reputational risks, according to Mr. Beasley. Firms that don’t take stances, particularly when their customers expect them to, are vulnerable to negative attention or boycotts, he said. Brands seen as favored by one side of the political spectrum are also vulnerable. If brand disapproval escalates, physical or reputational risks could extend to property or employees, Mr. Beasley added.
“We don’t know where the next issue will occur that might lead to additional unrest,” said Carrie Penman, Navex’s chief risk and compliance officer. “No matter where an organization is located, I’m pretty confident most of them have been thinking about what their response needs to be.”
Other risks emanating from the turmoil include employees who might have been involved. Some companies said they fired employees who participated in the riot after seeing images of the employees on social media. Terminations can also increase physical risks in the form of retaliation from disgruntled employees, security experts say.
Organizations can require background checks before hiring employees or develop employment agreements that include separation clauses for convictions related to illegal activity, said Bob Conlin, Navex’s chief executive. “Perhaps more importantly, they can work hard to develop strong, positive workplace cultures by addressing social issues head on,” he said.
Article Link: https://www.wsj.com/articles/companies-examine-capitol-riot-for-security-lessons-11610200808?mod=searchresults_pos1&page=1