Q&A: Security and the Gig Economy
The project-based economy—commonly known as the gig economy—is gaining momentum.
Approximately 150 million workers in North America and Western Europe have left full-time jobs at organizations for new work lives as independent contractors, according to a Harvard Business Review estimate made last year. By 2020, an estimated 43 percent of the U.S. workforce will be involved in the gig economy, according to a projection made by Intuit Executive Board Chairman Brad Smith.
What will this mean for security professionals? To take a deep dive into that question, Security Management interviewed Marko Cabric, a seasoned global security consultant based in Sweden who is the author of two books, From Corporate Security to Commercial Force: A Business Leader’s Guide to Security Economics and Corporate Security Management: Challenges, Risks, and Strategies.
First, let’s start with a few big picture questions. What effects will the continued rise of the gig economy have on the security industry? Will it mean more opportunity for consultants and security services providers, or more competition?
Cabric: The rise of the gig economy is the logical outcome of the quick win business era that we live in. In this era, businesses focus on cost savings and cost avoidance, and are oriented toward quick profits and short returns of investment.
This has also changed the once strategic nature of security by transforming it into a quick win, project-based service. Unfortunately, security is the usual suspect in nearly every cost-saving equation. The moment security becomes the subject of a quick cost-cutting move, it transforms from a complex process to a simple product. This does not leave much space for deep strategy, sustainability, and consistency.
On one hand, the rise of the project-based economy does provide more job opportunities for security consultants. However, many consultants without a clear and unique niche, and without enough experience, often try to go global instead of focusing on the local. This is a mistake. While the number of prospective clients usually increases with geographic expansion, competition grows, too. Moreover, as the expansion radius increases, competition grows proportionally faster than opportunities.
Security performance is linked to local knowledge and understanding of the cultural nuances and specific place variables, and the overall ability to incorporate this knowledge in the comprehensive security calculus. It also relies on a strong local network and resources. Additionally, distance increases the cost of the service, which makes it less attractive for clients. It also makes customer support following the completion of the project more difficult.
Instead of diluting their chances of landing gigs by spreading their focus all over the crowded global marketplace, consultants without a clear universal advantage should primarily focus on suitable and financially viable local opportunities.
Is the development of the gig economy changing the nature of security consulting, and the nature of security services, in fundamental ways?
Cabric: Yes, and I believe that it is the small and medium-sized businesses (SMB) that are benefiting the most from the emerging models of security consulting.
Traditionally, it has generally been larger enterprises that were privileged enough to be able to afford a security setup, whether in house or outsourced. Smaller businesses didn’t always have the resources or the need for full-time security management professionals on their team. However, these smaller companies still have security issues, experience occasional incidents, and encounter recurring losses. Although they might not justify the cost of adding additional full-time staff, the inconveniences are still significant enough to create the need for a dedicated part-time security function. Until recently, such companies had three bad choices: overpay, compromise on the quality of service, or simply leave issues unaddressed.
Now we have security consulting companies that are completely devoted to offering viable security management solutions to SMBs based on a specific time-sharing business model. Such consultancies typically have a back office composed of professionals who specialize in different aspects of security (investigations, executive protection, intelligence, or engineering) and a front office with generalist field chief security officers. Each of the chief security officers is responsible for the security of several businesses and is physically present in each of them during one or more days per week, depending on the assessed need and the agreed pace. The “back office” is always on standby to provide specialist support for more complex issues.
This model allows a business to have a CSO and a team of specialists performing a service that is specifically tailored to its actual needs while paying only a fraction of the actual cost. I believe that similar models of consulting will grow and expand as security professionals start to fully understand the opportunities that lie in the SMB market. In your book, you mention one potential drawback of outsourcing, through the example of the hospitality industry, which requires security “to be both a presentation and a performance.”
Is it advisable for security consultants to promote themselves as adept both at delivering top-shelf security services and marketing?
Cabric: I don’t believe that any commercial process, service, or product can currently survive without having both functionality and appeal. In the past, security and marketing were always regarded as complete opposites. The function of marketing was to create attraction; security was seen as an unattractive distraction to that, an unavoidable obstacle.
Although it has been more than 70 years since Abraham Maslow, in his Theory of Human Motivation, suggested that safety is the second most important human need, right after the basics of air and food and water, only recently have marketing experts started to realize that security is a concept that positively influences the perceptions and decisions of consumers and, as such, actually promotes products and supports commercial agendas.
Moreover, security could be the prevailing factor in ruling out the competition. Many studies that analyze the motivation of consumers put security at the top of the list of human needs that are essential to all selling, whether face-to-face or in advertisements. It is emotions that sell, and the feelings of being at risk and of being safe are even more successful than sex or desire in triggering emotions.
The shrinking of distance as a product of globalization suddenly brought a variety of security risks right to the living rooms of ordinary people. Crimes and terror can now be committed from a distance using the Internet, while fear as an instrument of terror marketing spreads instantly through new information and communication channels. Moreover, political violence around the globe and intolerance between different ethnic and religious groups have probably reached the highest point in history.
In these times of overwhelming security risks, it would be naive and irresponsible to neglect the need of people to feel safe. The hospitality industry is the perfect example of missed opportunities. Paradoxically, even in regions where terrorist attacks are extremely frequent and where hotels are continuously targeted by terrorists and have suffered devastating attacks, hotels still base their marketing campaigns on the apparent and latent desires of customers by advertising ocean view, food, location, and comfort. Hoteliers completely “forget” to mention security, which is a fundamental concern of guests, and even go the extra mile to hide their security measures.
Will the growth of online platforms cause more end users to turn to more generic security services?
Cabric: Everything we do in security, starting from the creation of policies and down to executing hands-on tactics, is based on a combination of specific circumstances. Even companies that are seemingly identical in every aspect—such as location, size, product, and agenda—might experience some very different issues.
The only advantage of freelance platforms is the possibility to staff and execute projects remotely which, in my opinion, has no application in security. I believe that assessments as well as the design and management of any security-related process or project require actual physical presence. Also, because trustworthiness and reliability are crucial when hiring security consultants and service providers, word of mouth and reputation will continue to outrun convenience and accessibility in hiring calculations.
What other advice would you give to consultants and service providers who want to thrive in the current—and future—security marketplace?
Cabric: Things that we believe give us an edge aren’t necessarily our competitive advantage. So, devote time and energy to understanding what it is that can help you gain an actual advantage over the competition. Expect to be surprised by the result. But also remember that these competitive “X” factors by themselves aren’t enough to ensure success in the marketplace. Apart from strengths, we must also clearly assess our weaknesses and work diligently on finding the missing pieces and adding them to the puzzle.
Many security consultants and service providers in business settings don’t understand that their true mission is not helping the security of the business but helping the business by improving its security. Before rolling up our sleeves and getting our hands dirty, we must devote time and effort to fully understanding the client’s business, including its culture and goals.
Competing on price alone degrades the profession and leads to a race to the bottom by placing us among countless similar, anonymous, cheap consultants and service providers. On the other hand, competing on quality advances the trade, gives us an identifiable differentiator, and simultaneously lifts us toward niche markets.
From first to last: be fair to yourself, the client, and the profession!
Mark Tarallo is senior content manager at Security Management. Contact him at firstname.lastname@example.org. Connect with him on LinkedIn.