How to Use ESG as a Global Strategy to Address Risk
Larry Fitzgerald, CPP, PSP, is a licensed geologist. He’s worked for years with teams to assess the impact of groundwater and landslides on facilities.
That background now helps inform the work he does as the director of security and emergency management services for TRC Companies, Inc., a global consulting, engineering, and construction management firm.
“I’m a security professional, but I’m also a geoscientist,” Fitzgerald says. “I’ve recognized that risk to people in organizations and critical infrastructure comes from a number of areas—manmade threats but also natural hazards.”
The risks that natural hazards pose to businesses and their assets are rising. In 2024 so far, the United States has experienced 19 weather or climate disaster events with losses exceeding $1 billion.
“These events included 15 severe storm events, 1 tropical cyclone event, 1 wildfire event, and 2 winter storm events,” according to the National Oceanic Atmospheric Administration’s analysis. “Overall, these events resulted in the deaths of 149 people and had significant economic effects on the areas impacted.”
The 19 $1 billion disaster events in 2024 also far outpace the average of 8.5 events per year that NOAA tracked between 1980 and 2023.
The increasing pace, and potential overlap, of crises is pushing risk managers to think about environmental disasters as security risks. For instance, Fitzgerald’s company recently completed an assessment on a utility grid control center and found it was vulnerable to experiencing windspeeds of 92 to 115 miles per hour.
“The building was old. It was not designed to withstand that,” Fitzgerald says, adding that that those same characteristics also made the building vulnerable to a blast from a moderate improvised explosive device (IED).
“The impacts from both are fairly instantaneous—a short duration and high burst,” he adds. “So, we designed a mitigation to harden it to withstand both. It was kind of a nexus where you’re addressing climate risk while also addressing man-made risk.”
Rawlings Miller, Ph.D., vice president of climate advisory and resilience, TRC Companies, Inc., says that now when the firm evaluates clients’ sites, it looks at about 17 different climate related hazards. These include flooding, heavy precipitation, ponding, extreme heat, drought, and more.
For a company, for instance, Miller says they would look at the businesses’ assets—including its infrastructure—and evaluate its potential exposure to those climate-related hazards.
“Then we look at what is that going to mean? Is it going to break? Be disruptive?” she adds. “And then the consequences of that…if we lose that office building, can we work remotely?”
Using this process can help reveal gaps and limitations that organizations have—from structural integrity to flooding concerns—that might be missed in other evaluations.
“It’s showing that there’s some elements within ESG processes that are revealing gaps and limitations that are important for security to know about and be aware of,” Miller adds.
In a Wednesday Game Changer session at GSX 2024, Fitzgerald and Miller will share lessons from their work alongside panelists Tracey Durner, chief of programs, Global Center on Cooperative Security; and Nicole Persaud, head of global safety and security, Samsara. All four participants will discuss how to use Environmental, Social, and Corporate Governance (ESG) as a framework for a global strategy to address risk.
In the Game Changer, they plan to talk about work done on security, crime, terrorism, insider threats, and how that can be integrated with climate data. The panelists will also touch on case studies, sharing how to fold the ESG framework into other assessment methodologies to facilitate decision-making.
Ideally, attendees will leave the session with the ability to appraise how responding to crises can affect a company’s reputation, discuss ESG concepts in a way that resonates with stakeholders, and prepare security stakeholders and teams to think strategically around ESG.
Communicating with stakeholders can be especially difficult if you’re using security jargon—which is sometimes easier to do when you’re busy or pressed for time. This is when it’s especially important to make sure you’re using simple language that is easily understood by your audience.
“Your audience will ask if they need to know more or for detail if they’re interested,” Miller says. “Then you can turn it into a dialogue, with evidence to support it.”
Megan Gates is editor-in-chief of the GSX Daily, which is published by Security Management. Connect with her at [email protected] or on LinkedIn.