Dinesh Pillai, CEO of Mahindra Special Services Group
The internal security threat
scenario in India is not free from anxiety. Despite the actions by the government in dealing with the two-fold threats of terrorism and insurgency in the country, Wednesday's serial blasts in Mumbai reaffirmed that terrorism is a part of our everyday life and it can strike at its will. Cities and towns, generating more than 65 per cent of the GDP, are increasingly becoming a target for anti-national elements and miscreants. There is a possibility that corporate houses can also become target of this kind of devastation.SPECIAL:How disaster-ready is India Inc?
When you compare the actions by the US government post-September 11 attacks, our government has a lot to do in terms of policies, its enforcement, efficient intelligence channels, better-equipped police and civil defense personnel, governance and cutting down on bureaucracy, and red tapes.
Corporates must realize that dependency on the government machinery in times of a calamity may be disastrous, looking at the overall infrastructure. I agree there is hardly anything that a corporate can do to prevent the attacks like Wednesday's Mumbai attacks. Nevertheless, the proactive nature of a corporate can prevent the recurrence or planning of similar incidence from within. An excellent emergency response plan will ensure the safety and security of the personnel, both within and outside the office.SPECIAL:How India Inc dealt with 2008 attacks
In the last one year, more companies have made substantial investments in terms of security apparatus, and personnel. Nevertheless, there are huge gaps in the overall infrastructure due to our dependence on technology solutions. These are some points for the corporate to ponder on:
1. Focus on doing physical security engineering rather than deploying technology. While technology solutions like access control, CCTV, baggage scanners are required, corporates must concentrate on the designing security processes and caliber of security personnel, if they want to be reasonably sure of their security infrastructure.
2. Instead of doing classical audits that only tell you the presence of controls, companies must move towards testing the efficiency of the controls. Check how easy or difficult it is to break the security systems. Organizations must check whether unauthorized personnel, vehicles and material can move in and out of the premises. How good is the incidence detection and response mechanism? Standard audits will never give you these insights.
3. Invest in security leadership personnel to manage the infrastructure, who come with the experience of facing these kinds of situations, rather than depending only on the outsourced security personnel.
4. Create the emergency response framework and train every personnel. This is much beyond putting emergency exit signage and evacuation maps, which makes a mockery of this process.
5. Set up information dissemination channels like call trees to pass the correct data to every one with minimum load on communication infrastructure.
6. Evolve crisis management framework and train the stakeholders. Do continuous evaluation of the process efficiency.
7. Intelligence gathering and sharing with police personnel and neighboring organizations and even integrating the security infrastructure.
Corporate must focus on the above points. However, we need to focus on the security of the city as well. This will call for Public Private Partnership (PPP) model, through which areas like city surveillance, civil defense preparedness etc can be addressed. To make this happen, the government must create platforms for the corporate participation, investment and a return on investment model.(Dinesh Pillai is CEO of Mahindra Special Services Group