Report: Preparedness Lacking for Many Firms as Sept. 11 Anniversary Nears
September 2, 2011
The days of walking into an office building without scanning a bag, swiping a card or signing in are a distant memory as corporate security has intensified in the decade since the terrorist attacks of Sept. 11, 2001.
Yet just one-third of companies report feeling well prepared for a potential threat or disaster, according to a recent poll by the Society for Human Resource Management.
"Although the percentage of organizations that feel prepared increased in 2011, still only 33 percent of organizations today feel they are prepared 'to a great or very great extent' and 42 percent 'to a moderate extent,' " the survey says. However, the number of companies with formal disaster preparedness plans has increased from 54 percent in 2001 to 76 percent in 2011.
Since the terrorist attacks, nearly one half of 306 companies polled report offering increased crisis management training and developed business continuity plans. Other provisions implemented as a result of the attacks include beefed up emergency communication plans, improved surveillance equipment and increased monitoring of emails and Internet usage by employees, according to the survey.
"In 1980 you could walk into any office building, enter any corporate office and simply wander around," says Daniel E. Karson executive managing director at Kroll Inc., a security consulting firm based in New York.
He says that corporate security practices have changed dramatically in the last 25 years "and exponentially since 9/11."
"Kroll's security investigations focused on stealing computers off desks and other valuables. Then in 1993 you had the first bombing of the World Trade Center and security started tightening. Then came 9/11 and the game changed forever."
Karson says that in addition to concerns about physical safety, companies now grapple with computer hacking, pre-employment screening and other types of security concerns. He urges employers to create a comprehensive crisis preparedness plan that addresses all kinds of potential threats.
"It's incumbent upon companies to do comprehensive background checks on employees with access to private data and intellectual data," he says. "It calls for looking into litigation dockets, social networking sites, and financial documents in order to get a better picture of who is working for you."
He says that while there are legal risks in collecting personal information, they are outweighed by the threat that a dishonest or dangerous employee might pose to an employer.
"If you go on a social networking site and see a job applicant with a reefer in their hand, then you've served your company well by looking at the site."