Thursday, October 11, 2012

The Lesson from Benghazi

The tragic – and apparently avoidable – death of an Ambassador and 3 other officials is another grim reminder of both an endemic and systemic problem:  the United States is a reactive country.  And this is a significant problem for both national security strategy and business security.  Loss of life is certainly far more important than the loss of physical or intellectual assets, but the underlying principle is basically the same:  we fail to provide adequate security.
As a nation and in the business sector, we tend to be more reactionary than proactive – we have a long history of “not closing the barn door until after the horse has run off.”  We believe that bad things can happen, but only somewhere else or to somebody else;  and even when we recognize that something bad may happen, we rarely expect the worst-case scenario to occur.  We tend to look only at the immediate past for the information with which we make our decisions regarding the immediate future.    So when there are few actual, everyday problems or incidents, security becomes an afterthought and again becomes relegated to the status of “necessary evil.”
We fail to recognize that the law of averages and the intent of our enemies will ultimately affect everybody. We rely on our God or Lady Luck or whatever to keep us safe from “the big one.” The security assessors and planners are always viewed as the naysayers,  the ones who bring negativism to the table because, while everybody else is talking about peace and détente and political correctness, the person charged with looking for the bad things will raise his hand and ask “...But what if...?”  And all the shaking heads will turn in that person's direction and his views will be looked on as the ramblings of someone who isn't really with the team or on the bandwagon because "...those things just won't happen to us." But they can...and they will...and they usually do happen.
The major cause for having inadequate security is readily apparent:  the people who do the security assessments and create the security plans (in other words, the people who are the most likely to know what to expect) are never the ones in complete control of security. Responsible and accountable and scapegoat-able, yes. In control, no. Why? Because someone else always controls the decision to implement the plans and policies, the money and the resources. Some bureaucrat or executive always has to look at what the security readiness plan will entail and cost and determine – usually in a completely uninformed way – if the imposition of inconvenience and expenditure is really worthwhile, and if the funds and other resources are really most wisely spent on something that may never happen.  So with this fiscal attitude, bolstered by our naïve and erroneous belief that it can't happen to us, the will and the money and the resources we need for truly adequate security are never in place when we need them most – preferably before, but at least at the beginning of some disaster.  And we suffer again.  Needlessly.
Both our nation and the business world need to recognize the importance and value of security.  Our post-9/11 world,  coupled with the realities of today’s economy, makes the practice and implementation of adequate security a virtual necessity.  No longer can the protection of our people and our assets be relegated to good fortune and happenchance.  Rather, a systematic approach to assure that everything reasonable is being done to guarantee our nation’s and our business organizations’ safety and financial well-being is of vital and strategic importance.  And the marketing and selling of the concept of adequate protective efforts is a job that must be continually and relentlessly pursued by security professionals, since bureaucrats and executives are most often concerned only with the things that undermine the ability to provide good security.