News & Resources


Download as PDF

Properly Assessing Security Risks

Robert Tucker writes article for Security Director on the need for risk assessments

July 14, 2005

By Robert S. Tucker
Chairman and CEO
T &M Protection Resources

As the trauma of September 11 subsides from daily American life, cost consciousness is creeping back into the security budgets of corporations nationwide. With greater regularity, security directors are pressed to defend their expenditures and even, at times, to cut costs. When it comes to having adequate protection and security systems in place, the familiar mantra of “Do we really need it?” is increasingly heard inside boardrooms. This disturbing trend could have severe consequences, not only in financial costs and reputation damage, but also in the potential human toll.

The real bottom line is this: there remains no doubt that another terror i s t attack will happen. The question is not if, but rather, when will it happen? Unfortunately, the answer rests with the individual or group plotting the attack, either against our country or a particular company.

Although the U.S. government and the police have done an admirable job in keeping us safe, dangers still remain and continue to grow.

Security directors need to constantly keep up with the latest threats and possible methods of attack. As a result, they need to make sure that their companies periodically look in the mirror and analyze the procedures in place to guard against both immediate and future risks. In addition to terrorism and other large-scale catastrophes, organizations must remain vigilant of any random attacks that could be carried out—whether by zealots, current or former disgruntled employees, or simply an unstable individual with an axe to grind.

It is important to remember that when such attacks occur, there is no “chatter” or other type of warning. Instead, security personnel must make spurof- the-moment decisions. To increase their effectiveness, they need to have surveillance technology in place that can help buy them a few precious minutes or seconds.

The first step to providing effective security and protection is to conduct a threat and vulnerability assessment.

Industry experts emphasize the need to have a comprehensive review done that addresses the modern threats facing businesses today. The world is changing rapidly. Unfortunately, the threats and types of dangers we face seem to evolve even more quickly. To reach the elusive goal of moving one step ahead of the bad guys, a company needs to make sure that its security program is truly up to 2005 standards.

The process should always begin with an open, honest and exhaustive security assessment. Often, organizations enlist the services of a reputable firm that can properly analyze the security situation and provide information about the latest threats. The security team then makes detailed recommendations on the appropriate tools and techniques that should be employed. A complete top-to-bottom evaluation will catalog and grade an organization’s defenses against any potential problems or breaches of security. In the final summary, what remains is a clear picture of where a company is and where, exactly, it needs to be.

For example, most organizations have hopefully upgraded to digital technology by now. If not, using the most effective technology is one area for improvement. Regardless, the need for equipment upgrades certainly doesn’t end there anymore. Companies also need to consider the following issues:

  • Are all the security cameras in the facility integrated into one single information source?
  • Do they have trained professionals monitoring and analyzing the valuable data that flows in 24 hours a day, seven days a week?
  • In addition, is the central monitoring location itself safe from possible attack?
  • If an attack on this site happens, will it take the rest of the security system with it?

If the answers to these questions raise red flags, then changes to the program will definitely be needed.

Of course, the checklist goes much further in terms of hardware and other technological tools. A thorough assessment should also cover a company’s security procedures and protocols.

  • For example, do employees wear photo identification badges?
  • If an employee resigns or is terminated, is there a system in place to recover both the badges and any keys that the worker might possess?
  • Do visitors show identification upon entering a building?
  • Is there a written record of date and time whenever a person enters or leaves a facility?

If these rudimentary procedures are not in place, a security expert needs to determine why they are not in place and determine what changes are warranted.

The days of a one-dimensional security plan have long since passed. Because the range of safety and security threats has become so complex, the security industry, with the help of te c h n o l o g y , continually improves tactics to meet these ever-evolving demands. Now, more than ever, companies need to re-evaluate their programs and to seek professional assistance on the risks they face.

In the final analysis, it is far better to receive poor marks on an assessment and to fix the prob l e m s rather than ultimately failing a test that really matters: real life.


About T&M Protection Resources, LLC
Established in 1981, T&M Protection Resources is headquartered in New York and  provides high level security, executive protection and explosive detection services, technical security systems and countermeasures and consulting services to leading corporate, institutional and private clients with special concentration in financial services, commercial property management, major sports franchises and organizations that are part of our nation’s critical infrastructure.   Through its Forensic Investigative Associates (FIA) division, T&M also offers expertise in corporate due diligence, fraud and forensic investigations, compliance monitorships, litigation support, and global intelligence services.  For more information, please contact T&M Protection Resources at 212-422-0000 or visit our website at

In November 2007, Pegasus Partners IV LP (“Pegasus”) became a minority partner of T&M. Pegasus is an affiliate of Pegasus Capital Advisors, LP, a private equity firm that manages close to $1.8 billion in assets through several private equity funds. The firm provides creative capital solutions to middle market companies across a wide variety of industries, with a particular interest in businesses that make a meaningful contribution to society by positively affecting the environment, contributing to sustainability and enabling healthy living. For more information, visit the firm’s website at

For more information, please contact T&M Protection Resources at 212-422-0000 or visit our web site at