According to a survey of U.S. and U. K. travelers conducted by the Global Business Travel Association, 80 percent of respondents think their company has a legal obligation to ensure their safety while traveling abroad on business. But more than half carry no specific contact phone number for use in a crisis abroad and would consider legal action if they were not supported properly.
Security is a key player in establishing a company’s travel risk management program. A responsible program acknowledges that business travel is part of conducting business and needs to be considered in light of the duty of care obligation to employees traveling abroad.
The following speakers and authors give guidance on how to craft such a program.
Each month we off free content on our security spotlight topics. We also offer additional resources to the ASIS membership. Not a member? Join Today!
» View Past Security Spotlight Topics
(login may be required)
Recorded Seminar Sessions
Security Management Articles
Applications: Security in a Global Environment
Protection of Assets, Chapter 4
Managing Editor: Michael E. Knoke, CPP
The chapter’s content is organized into three sections. The first part defines the purpose of travel policies and guidelines, which must provide information to assess business and personal risks in various countries, then provide the tools to reduce those risks. Next, the roles and functions of five parties involved in corporate travel, including the traveling employee, are defined. The last sections delve into the characteristics of counties with various risk ratings:
- Low Risk, includes advanced communication and medical facilities, reliable law enforcement, and a stable government.
- Medium Risk, includes a history of high crime, travel disruptions, a weak economy, and rebellion against the government.
- High Risk, includes vulnerable or non-functioning political, economic, and legal institutions; violent factions or civil war; and little or no protection for foreign travelers.
These risk ratings are then correlated to the risks facing the business traveler or corporate personnel living abroad.
Mass Transit Security (2017)
Supply Chain and Transportation Council
The ASIS Supply Chain and Transportation Security Council has released a white paper on Mass Transit Safety, which emphasizes the importance of security awareness programs and including details on the terror threat cycle. The paper urges all organizations to implement robust and proactively reinforced mass transit security awareness programs for all staff members. Heightened intelligence of passengers, law enforcement personnel, and security officials severely decreases the chance of a terrorist threat or attack. According to the paper, "The incorporation of the threat cycle into agency security awareness training and public awareness messages can be vital to the prevention of an attack."
"Mass Transit Security" explores the effects and reasons behind terrorism on transit systems and identifies the steps of the threat cycle with clear lists of what to look out for. This concise framework allows for practical education of passengers, transit staff, and other officials.
Recorded Seminar Sessions
Developing a Risk-Based Executive Protection Program
Seminar Session 3305, September 2016
David Nicastro, CPP, Secure Source International, LLC
Arjo de Jong, Anthos Amsterdam
Roberto Atilano, C&A Mexico
The speakers recount their company’s experiences migrating from a “body guard” form of executive protection to a risk-based plan in both Brazil and Mexico. The each set the stage of security and safety risks in their countries, then describe how they developed a security master plan to help their clients and employees participate in their own protection. Among the steps presented are the following:
- Use professional drivers in low profile armored cars that blend into the environment.
- Develop a clear chain of command.
- Prepare briefings for family members on situation awareness and train through scenarios.
- Communicate information on risk situations.
Using prevention best practices, clients and employees can avoid putting themselves in harm’s way. “Muscles out; brains in.”
Kidnapping for Ransom: Managing a New Global Risk
Seminar Session 3313, September 2016
Leland Dean, CPP, Bank of New York Mellon
Scott Ruddick, MEDA
Ruddick is responsible for protecting aid and humanitarian workers as they work to improve the lives of the citizens they serve. Because they often consider themselves “partners in a community,” they can take risks, thinking they are safe because they have built partnerships. But they are susceptible to kidnapping, most of which occur as they travel from home to work. Through case studies, the speaker details how he educates the workers, especially in their use of social media that are fraught with personal and location identifiers.
Dean also has faced the threat of kidnapping among his traveling employees. He recounts ten steps a kidnap crisis management team must take within the first 48 hours, including the following:
- Verify that an actual kidnapping has occurred and that the report is not a “virtual kidnapping.”
- Talk to witnesses who are more able to remember details.
- Strive for a positive outcome.
While the team should include many parts of an organization--including insurance, finance, and business continuity—the group should pick one negotiator. While he recommends working with a kidnap specialist, he warns that the use of consultants can be a “legal gray area in some countries.”
Security Management Articles
“Terrorists Check In”
Security Management, July 2017
Alexandre Masraff, Onyx International Consulting and Services, Ltd.
Aude Drevon, Security Analyst
Emma Villard, Regional Security Advisor
Terrorist attacks against hotels can harm many people, garner international media attention, and express distaste for Western culture. Their attacks can involve more than one hotel in a city and result in the taking of hostages.
International laws require employers to protect their employees when they travel for work. Under this duty of care obligation, employers must assess foreseeable risks, inform employees of these risks, and train them to respond. One aspect of corporate risk policies involves choosing the right accommodations for traveling employees. Four options can be considered:
- International brand hotels: While reassuring to employees, they often meet terrorists’ selection criteria for targets.
- Regional chain hotels: While more low profile, these hotels may not receive a rapid response from security forces should an incident occur.
- Private apartments or houses: These locations may be difficult to find not only for the traveler but also for law enforcement.
- Residences owned by the company: This option can provide a high level of security, but also results in high operational cost for the company.
The hotel industry is responding to this growing concern by tightening security regulations, conducting educational programs on security for employees, and hiring chief security officers at each hotel with career opportunities.
Security Management, July 2017
Fred Burton, Stratfor Threat Lens
Senior executives can travel safely on their own with minimal intrusions on privacy as long as corporate security teams establish proper procedures and baselines. One model that has been adopted by many Fortune 500 companies empowers the executives themselves to increase their level of safety and security by adopting the following practices:
- Situational Awareness: Acknowledge that a threat exists and practice enhanced observation skills.
- Countersurveillance: Recognize that criminals will engage in pre-attack surveillance; learn how to detect these efforts; be ready to change routes, vehicles, or accommodations; and know how to alert authorities.
- Fire Safety: Note a hotel’s passable emergency exits, pack a smoke hood to avoid smoke inhalation, and carry a high-intensity flashlight.
Advance research requires the corporate security team to analyze the executive’s travel plans and the risks at his or her destinations. Establishing liaisons with security counterparts and appropriate authorities at the places the executive will travel is paramount. Building trust with executives and their administrative staff can ensure that business travel functions without security disruptions.
“Cyber Travel Tips”
Security Management, July 2017
Megan Gates, associate editor
Electronic devices carried by traveling employees, including security managers, can place them at risk. Based on the best practices of security experts, the article offers tips to help keep devices and corporate data secure while traveling, including the following:
- Do a Cleanse: Slim down and remove as much data a possible from a laptop and smartphone.
- Take the Right Bag: Use a zippered bank bag to store guns, electronic equipment, and anything that should be kept from prying eyes.
- Avoid Free Wi-Fi: Access Wi-Fi only from access points that are known to the traveler and ensure that access to work systems are through a HTTPS connection.
At the conclusion of the trip, check with the corporate IT department to be sure the electronics have not picked up malware.
Travel Security: Program Development
Webinar, Recorded April 22, 2016
Luis Morales, CPP, ConocoPhillips
Scott Shaw, CPP, Aflac
Nicholas Smith, Jr., CPP, Willis Towers Watson
These speakers also headlined a 2015 Seminar Session. But “the Paris and Brussels attacks were a game changer,” because the series of coordinated attacks shut down the city. That crisis caused the speakers to reassess their travel security planning. For example,
- Networks of organized terrorists exposed the vulnerability of communications through technology.
- Preparing travelers for similar attacks requires significant planning and increases the importance of situational awareness.
- Decisions to send out alerts or mass notifications must be based on scrubbed intelligence, not raw data.
While the speakers firmly believe that any travel-related issue is manageable when it is business critical, training exercises based on actual scenarios and travel-specific briefings can decrease the employer’s liability and increased the traveler’s self confidence. Partnering with trusted third parties both locally and globally is essential when preparing for and responding to a crisis.
Information Resources Center (IRC) Security Databases & Library Catalog
Security Database & Library Catalog of the IRC has hundreds of records on the subjects of travel security and safety, including references to books, Security Management articles, government reports, Annual Seminar recorded sessions, and other documents. Print items are available for use onsite in the O.P. Norton Information Resources Center (IRC) by ASIS International members. Some items have links to electronic versions accessible via the Internet.
To access the IRC, sign-in to the ASIS website, then
go to the library webpages to navigate to the
Security Database & Library Catalog. Search using the term “travel.” Other related subjects include:
- Employee Security Out of the Office
- Executive Protection
- Personal Security
U.S. Department of State, Bureau of Consular Affairs
- Country Specific Information
Travel Alerts and Travel Warnings
Emergency Assistance for U.S. Travelers
U.S. Department of State, Travel Resources
- Preparing for a Trip Abroad
OSAC Reference Papers
“Hostage Taking and Kidnappings”
- U.S. Department of State. (2014, August 11).
Hostage Taking and Kidnappings (7 FAM 1820).
In Foreign Affairs Manual: Consular Affairs (7 FAM).
This brief outlines the U.S. government’s position on hostage taking and the role of various agencies should an incident occur. It also delineates the policy on paying random or pressuring a host government for political concessions. Sections include the treaties, U.S. laws, and U.S. regulations that apply as well as consular roles, notifications, investigations, and prosecutions.