How to Build Resilience at Your Organization
Resilience and its importance—not only for individuals, but also for organizations—has grown in recent years, intersecting with the work security practitioners are doing to ensure business continuity and success.
“We are definitely seeing an increase in the frequency and intensity of crisis events, both man-made and natural. They just seem to be getting bigger and more frequent with longer durations,” says RC Miles, CPP, global director of safety and security at the AIDS Healthcare Foundation.
No matter how much risk mitigation you do, you cannot possibly eliminate all of the risks.
Miles and Maribeth Anderson, MPA, CSP, global senior director, business continuity and corporate security for Xylem, will discuss lessons learned in recovery and adaptation during the Game Changer session “Knocked Down, Not Knocked Out: Building Organizational Resilience,” on Monday, 23 September, at GSX in Orlando, Florida.
An organization must be resilient, Anderson adds, because eventually a crisis will happen. This makes the need for recovery and adaptation a matter of when and not if.
“It’s always about looking ahead. You need to look at what you have to work with, the risks and the threats, and identify, but it’s also looking ahead,” Anderson says. “…No matter how much risk mitigation you do, you cannot possibly eliminate all of the risks. That means crises will happen, regardless of your best efforts to work with your organization to identify risk and put plans into place.”
The Intersection of Security and Resilience
During the 11 September 2001 terror attacks, Anderson was working as an environmental health and safety practitioner at Chicago O’Hare International Airport in the U.S. state of Illinois. She says that 9/11 “pivoted” the way she viewed operations at the airport and her entire career.
Airlines and law enforcement operating out of and with O’Hare had their own business continuity plans, but the airport itself lacked a coordinated plan between stakeholders, according to Anderson. In the wake of the attacks, Anderson was presented with the opportunity to write O’Hare’s first plans for business continuity.
“Nobody thought that an event such as 9/11 could happen,” she says. “That was a single trajectory point in my career and as I went forward, it’s always been about looking ahead.”
While Anderson’s career path was altered by this defining event, Miles’s career path security career path was more traditional: beginning with service in the U.S. Army. When he left the service, Miles eventually migrated into the security industry and ultimately to the role of head of security for the AIDS Healthcare Foundation.
When he took on the job, the foundation lacked resiliency plans. This became a significant obstacle that Miles says he knew he would have to address.
“My first week, we had an earthquake in Mexico and two hurricanes come through Florida that I had to deal with,” he adds. “That was before I barely got my computer turned on.
“It was very obvious to me that organizational resilience was a critical part of my future with this organization,” Miles says. “I’d say probably at least one-third to one-half of my time is spent on organizational resilience emergency response and crisis or business continually planning.”
Takeaways for Session Attendees
Anderson and Miles agree that anyone who leads a team should consider adding the game changer session to their itinerary for GSX.
One of the larger points the speakers will stress in their remarks is the value of preparation before a crisis strikes.
“One of the things that we have been focusing very heavily on, and the lessons I’ve been able to convey to my organization, is that victory is determined before you even step on the field,” Miles says.
For Miles, a victory requires proper preparation and planning, tabletop exercises, and training of staff on how to respond to crises at all levels. In fact, he notes that involvement of the entire organization—not just those on the security team or in the C-suite—is critical because a crisis is not exclusive to the executive level.
Anderson and Miles will also touch on the importance of enabling organizational agility.
“There’s no doubt in my mind that most organizational employees roll up their sleeves during a crisis and try to figure it out,” Anderson adds.
While most organizations want staff dedicated to helping in a crisis, without proper planning and preparation these same employees can be less effective in addressing an incident. This is because employees may scramble, they may be frenzied, and may lack confidence in their decision-making abilities.
Training, Miles adds, helps employees make calm and informed decisions because they are already familiar with the actions they need to take when responding to a crisis.
“Next to planning, training is the most neglected thing that I typically see. It’s costly, it’s perishable because if you don’t go over it again, you forget it,” Miles says. “Training does one thing along with planning that you just can’t beat, which is it gives you confidence…and it’s confidence that gets you through.”
Want more insights on crisis management and employee training? Read RC Miles' article, “Battle Ready: Maintaining Operations in Conflict Zones,” originally published in Security Management’s June/July 2022 issue.
Sara Mosqueda is associate editor at Security Management, which powers the GSX Daily. Connect with her at [email protected] or on LinkedIn.