Archive for August, 2011

Executive Security Awareness Training

August 11th, 2011 Comments off

Should your executives be trained in basic security awareness and techniques? What can you do to spark interest? What if they don’t perceive the need? Is training effective in changing their attitudes and behaviors? What should this training consist of? These questions haunt corporate security VP’s, directors and managers…and they should.

Some issues that you can use to broach the topic:

  • Ask the executive if they have ever been followed to their work or home
  • Do they realize what is on the internet about them – have a full internet targeting report of publically available data (with photos) already done
  • Has the organization had any controversy with product, policy or practices
  • Has the organization recently had to reduce staff
  • Is the stock price plummeting

Using fear tactics does not work and is resented. It is better to reflect on the impact on the business if something happens to them. Be careful about using the “you owe it to your family” argument. A subtle, caring, but business-like approach has the highest chance for acceptance.

Effective training should offer them a perspective that is not what they think of day-to-day. They should be given the opportunity to view themselves from a potential adversary’s position. What value do they offer the potential attacker; balanced against the apparent risks involved for the attacker. This is not how anybody wants to view themselves but the position that these executives hold has its cost. Just like with celebrities, they give up some privacy and some anonymity.

The security awareness training should be done in a private/semi-private briefing using a ‘to the point’, logic driven format.

Content should include:

  • Target selection criteria
  • Past factual case examples
  • Surveillance and surveillance detection
  • Daily route and schedule planning
  • Home security awareness
  • Evasive driving

The most important factor to convey is that they can affect whether they are targeted but they will never be congratulated for doing so. You cannot document prevention but that should not diminish its value. They also do not have to totally disrupt their day, their schedule, or their personal style of engaging with people. Instead of just trusting to luck that nothing will ever happen, teach them to implement some basic precautions and know when to apply them.

Check out the IMAC online training course “Self-Applied Protective Measures for Executives” or call for a discrete private briefing at 440.878.5114.

Technorati Tags: , , , , ,

  • LinkedIn
  • YouTube