Seven Security Principles For Filipino Managers

July 26, 2018

tags: Adsum Risk Consulting, business risk, emerging markets, enterprise security, promotion, risk consulting

Via Wikimedia Commons.

Companies that do business in emerging markets, where stellar GDP growth masks chronic law and order problems, need to be realistic about their expectations. The labor might be cheap and the talent plentiful, but some very serious nasty shit can go down–and take the brand and the organization with it. No kidding.

When it comes to the Philippines, for example, there are specific risks the C-suite must anticipate because these can inflict harm on both operations and reputations. To avoid the worst, a proper mindset helps a ton. Take it from John Walker, a veteran security professional who runs Adsum Risk Consulting (ARC).

Hire The Right Person

A dark secret of the private sector in the Philippines is an unacknowledged crisis in qualifications. If companies must hire security managers (and they absolutely should) the ideal candidates have the background and the right paperwork to vouch for their abilities. “Like any other profession, security isn’t easy,” John says. “It takes a professional with depth of knowledge and breadth of experience to be effective.”

Separate Security From HR

Having worked as a troubleshooter for large and small operations, John is familiar with all the missteps companies make when failing to protect their business. An egregious mistake is putting the responsibility for security matters under the human resources staff. This shouldn’t be!

“HR people aren’t educated in the same functions as security professionals so things fall through the cracks,” John explains. Since internal fraud is one of the most common problems among institutions John is adamant security must be an autonomous department. “Criminal insiders can influence people they know in HR and get away with it,” he warns.

Too Many Guards!

After three decades of working in the Philippines, John is appalled at how ill-trained security guards are tasked with inane chores. “The majority of any company’s problems are internal so using a security budget on more guards isn’t going to lessen the company’s exposure to threats,” John says.

“Nothing frustrates me more than to walk into a restaurant and be greeted by the guard, who then finds a table and pours me a glass of water,” John says. “Consider the liabilities if something happened and the guard was needed, but he was doing customer service instead!”

Know Where To Find Security Pros

When it comes to delicate internal matters or a potential crisis that harms a company’s bottom line, John believes a risk consultant is the ideal option. “You [the company] will need outside help from time to time,” he explains. “Your security agency won’t be able to do much in this scenario. What they’ll do is try to sell you more guards.”

So the sensible course, according to John, is finding a reputable professional with a broad enough skill set to untangle the most mind boggling business dilemmas. Who’s siphoning off funds? Why are there irregularities in cash disbursements? How come the junior accountant has a flashy new car?

Take Advantage Of Technology

If there’s better software available for detecting suspicious activity in the company’s network–pay for it!

What about the upcoming webinar for educating the rank and file on cybercriminal tactics with email? Make it mandatory.

“Many times, since manpower is cheap in Asia, companies will skimp on tech,” John says. But companies shouldn’t.

But Use Technology The Right Way

John has a wealth of experience to draw from on companies doing dumb stuff.

“A senior manager should never sign off on an expensive security apparatus only for the security manager to circumvent it later on,” John shares.

“I can point out lobby visitor manager systems,” he says. “These systems work on bar codes for specific visitors who have business in a building. I see them used around Asia and a lot of times there are more people in the lobby than ever–in direct disproportion to what was intended.”

Security People Do Security

There’s a very clear difference between customer service and security, John insists. “If there’s no need for a [security] guard then don’t get one,” he says.

“If you need more customer service types, then go get some more. But whoever does security should only perform security functions,” John says.

So how do organizations learn to protect themselves from the downsides of the business environment? As far as John is concerned, the first step is finding a boutique security provider who can tailor solutions to the client’s needs. If your organization is looking for a risk consultant right now, you can get in touch with ARC here.