The role of the modern corporate security and risk manager

corporate security and risk manager

Share this content


Mohamed Salim Al Ali, Security Industry Regulatory Agency (SIRA), explores the role of the 21st century corporate security and risk manager.

The job description of a security and risk manager is determining financial, safety and security risks for any company or organisation and trying to reduce them through planning and problem solving.

In addition, they oversee all related activities such as research and security training in order to evaluate and assess all related threats and risks for the company/organisation.

The details of the job description for the security and risk manager in any company or organisation is widely considered the same now as it was 25 years ago, however, many different factors have defined the role and changed the way people look at it.

In this report, we will discuss how different factors have affected the role of the corporate security and risk manager over 25 years.

When comparing the roles of a security and risk manager, it helps us identify all the different risks, crises and disasters in terms of management in evolving and different infrastructures, changing plans and response mechanisms, different kinds of possible threats, advanced technologies and how the role requirements have changed.

Infrastructure and environment

Many different companies, organisations, agencies and communities in several countries have different infrastructures in terms of population, complex buildings, roads, climate change and environments that have naturally changed over 25 years.

The buildings are unique and bigger with more advanced technology used in them, roads are wider and intersected together and several countries are experiencing climate change due to pollution and its effects on the environment.

This brings complex risks and threats, which will lead to an increased likelihood of crises and disasters and the complexity and consequences of different events that requires different and more flexible approaches to risk and crisis management.

Changing plans and response mechanisms

The ability to plan for different events has advanced over the years.

Risks and threats are not as foreseeable and understanding the complex patterns and methods to respond to modern crises and disasters can be difficult. The fact that we have advanced warning systems is not always enough.

Complex risks and threats have emerged in the 21st century. In 1995, security and risk managers’ duties were often limited to workplaces and they needed to focus on assessing risks and avoiding threats to organisations.

Nowadays, things are connected under the umbrella of security because of evolving strategies, measures and approaches that define the role of security managers.

Today, even a small incident can lead to a disaster.

Possible threats

The Oxford Dictionary defines a threat as “a statement of an intention to inflict pain, injury, damage or other hostile action on someone in retribution for something done or not done”.

25 years ago, threats were different and required simpler responses and proposed plans and studies.

Nowadays, there is a new era in the field of threat and risk management that differs fundamentally from the 90s.

For example, many terror attacks were typically restricted to single attacks on buildings and infrastructure and security officers often didn’t have to deal with them due to limited technology and communication tools used by terrorists.

Today, however, modern terror attacks are intended for maximum disruption and casualties.

There are usually multiple teams and series of attacks, advanced communication tools and technologies used in the attacks which demand security and risk managers to devise more flexible response strategies and crisis management plans for responding to these types of threats.

Advanced technology

The advancement of technology has had a huge and critical role in changing the perspectives on the role of security and risk managers.

In the 90s, security and risk managers used technology in terms of old computers with limited functionality and limited communication tools, which minimised the threats influenced by technology.

90s technology, more broadly, was also limited, which also meant communicating important information was limited to television, radio and newspapers – these were the media resources that reached a small number of people over a longer period.

Nowadays, there has been an increase in cyber-attacks, data breaches and unplanned IT and telecom outages. With an increased reliance on technology, there are now more technologically advanced risks.

Security and risk managers can use advanced technology tools in crisis management to send and receive important information and make it easier to provide control, in real time, and enable the ability to work remotely during a crisis within an organisation.

On the other hand, with new technological advancements comes new risks and challenges that need to be considered, such as hacking and data breaches as well as the misuse of the power of social media and misleading information shared on it, which could be disastrous for an organisation’s reputation due to the wide reach of audience instantly.

Corporate security and risk manager requirements

Over the years, the requirements for the role of a security manager changed based on different times and places as society’s perspective of it has changed as well.

In the 90s, many managers were hired based on work experience and minimal training or a certain degree with duties and responsibilities.

However, in the 21st century, with many new and evolved risks and threats, in order for the individual to work in the security field, they should have required training, such as first aid, training on the use of CCTV and different security systems, physical training skills and potentially should have been through some form of higher education.

They should have a certain set of skills and capabilities that make them adept to the dynamic changes within this field.

The future

The role of the security and risk manager is evolving and that is the reason for the continued study of risk, crisis and disaster management as environments change and grow increasingly complex.

Organisations, from CEOs to security officers, must educate and train future generations to develop a set of skills, build relationships and collaborate with others to help them prevent and effectively respond to emergencies and crises.

This will help them learn one of the most important factors in crisis management – proper communication within any organisation.

1-ISJ- The role of the modern corporate security and risk manager
Mohamed Salim Al Ali, SIRA


Receive the latest breaking news straight to your inbox