To Find Your Footing in a Weightless Geopolitical Environment, Use Intelligence and ESRM

In today’s interconnected world, geopolitics is a significant factor shaping the landscape of most major global corporations. For organizations with a global presence, the operational environment has become increasingly complex, influenced not only by criminal threats and natural hazards but also by shifting alliances, economic sanctions, political instability, and regional conflicts. 

This situation resembles something out of a science fiction novel, where one must navigate emergencies in a zero-gravity setting: Every option appears complicated, akin to maneuvering in a three-dimensional space without solid footing. Many security professionals, especially those in leadership roles, are increasingly drawn into discussions about how to tackle these issues at the highest levels of their organization. This raises the challenge of providing effective and sound counsel in such a dynamic and complicated environment.

Fortunately, with the tools available today, it is possible to deliver meaningful data and recommendations on time with some adjustments to existing processes. Historically, security professionals have been viewed mainly through the lens of physical security management. However, by applying our knowledge of enterprise security risk management (ESRM) and sound intelligence practices, we can offer clarity and guidance during these challenging times.

The essential goal is to understand what leaders need to know and when they need to know it. 

With any business, it is critical to understand the needs of the leadership when undertaking to provide effective intelligence and risk management recommendations. There are many ways this understanding can be achieved, but all of them depend on one factor: credibility.

Gaining Credibility

To be of value, you have to understand the needs and concerns of the decision maker and asset owners, which typically means you have to have some conduit into their thinking. Here is where the ESRM model can be a tool to help the security professional gain credibility.

Under ESRM, security leaders are trusted advisers and solution providers to the asset owner, who is the person, or possibly business unit, that owns, controls, or is responsible for that asset (physical, informational, reputational, and so on). Very often, these asset owners are key executives within the organization, so performing well in the area of risk management can directly impact and improve the credibility by which you are seen as an asset to their decision-making process. You will already have been involved in determining what is most critical and how to safeguard it, given your exposure to a broad range of issues that impact the asset cross-functionally. This experience increases the chances that key decision makers will be willing to listen, and their willingness to listen is often a key indicator that you are gaining credibility.

Most decision makers can tap into a number of sources of information. In fact, the volume of information can have the effect of whiteout in a blizzard: It’s nearly impossible to see where to go. In these conditions, the decision makers are going to look to people that they know and trust to serve as the proverbial compass.

Regular and reliable interaction is another key element to building credibility. Frequent engagement helps security professionals better understand leadership needs and the information that can assist them as they navigate challenging situations.

Security organizations frequently provide actionable intelligence by monitoring global events or, more tactically, activities within their local environments. This creates a channel through which security executives can offer clarity and insights. Furthermore, ESRM relies on interviews with key stakeholders and asset owners to understand what is important. The interview process within ESRM requires you to ask questions to understand what is vital. The result is the development of a matrix of critical assets used in risk analysis. To get to that information, the security professional must leverage his or her experience in interviewing as part of an investigation.

Using the insight gained from the ESRM interviews, you can ask tailored questions about the needs of the current intelligence assignment. By combining this with your routine global intelligence monitoring process, you can synthesize a greater understanding of the needs of the leaders trying to navigate this complex environment.

Through these two effective methodologies—intelligence gathering and ESRM—security professionals can access a wealth of information that identifies areas of interest crucial for leadership decision-making. Implemented properly, these methodologies allow for the development of actionable intelligence or solutions to help decision makers reach an effective and well-informed decision.

The volume of information can have the effect of whiteout in a blizzard: It’s nearly impossible to see where to go.

Areas of Interest

Having acquired insight into leadership’s decision-making processes, you can generate a list of named areas of interest (NAIs) and target areas of interest (TAIs). An NAI refers to a topic, subject, or location for which there is a general need for information, yet the NAI does not have a targeted asset monitoring it (such as open-source alerts or a professional contact providing information on the topic). Those efforts would include broad areas of interest, such as monitoring labor negotiations at a key port through which your materials must be shipped. In this case, you would generally monitor for information about the possibility of increased labor tensions, but the situation might not require the commitment of dedicated, specific asset or resource. 

In contrast, a TAI is a specific subject or location being monitored by an asset. A TAI could be a particular section of a highway known for its high cargo-theft rate during transit. In this case, you would need an asset capable of observing what occurs on this road and providing timely information to prevent loss. In another example, let’s say your company operates a manufacturing facility in a high-risk area. In the past, there have been break-ins along the fence line to steal products from the shipping yard. In this case, the targeted assets would be microwave intrusion detection systems and video management systems (cameras), both of which monitor the target area.

Considering TAIs from a broader perspective, leadership may be interested in specific outcomes from a country’s elections and the appointment of key ministers. For instance, a change in government in an oil-rich country often results in new appointments for ministers of the interior and their supporting staff. By utilizing open-source intelligence and other methods, you could help leadership identify the most likely candidates for such key roles. Additionally, collaborating with your communications or government relations team may help you identify which individuals are likely to become key staff members.

Each of these individuals can be profiled through reasonable and legal means using open-source data, offering the leadership insights into the types of people they may be dealing with and their potential direction.

Applied Intelligence

The challenge lies in the details. The variety of issues that geopolitical instability presents is quite broad. In each case, the solution will require significant tailoring to be effective. Here is an example scenario of a business challenge along with a course of action. This scenario is not necessarily universal, but it provides a primer to help you deliver intelligence that can be useful to decision makers.

Scenario: You are asked to look at how the increase in geopolitical tension impacts the risk of unlawful detention for key executives during travel.

Background: A senior vice president in charge of operations expressed concern that, given key executives’ frequency of travel to and from a country where tensions have escalated with your home country, they may be at increased risk of unlawful detention. She specifically cited the example of the two Canadian citizens who were caught in a diplomatic dispute between China and Canada. You have been asked to produce a report detailing the likelihood or risk of unlawful detention as well as potential mitigation strategies.

Possible approach: When dealing with these kinds of international situations, it is important to understand the fundamental rules regarding unlawful or wrongful detention. Many companies employ travel safety and security providers that can generate reports on travel risks and how to avoid such situations. Additionally, you can leverage contacts within diplomatic services worldwide to better understand the concerns (such as OSAC, Global Affairs Canada, United Kingdom Foreign, Commonwealth & Development Office, Australian Department of Foreign Affairs and Trade). You might also reach out to colleagues within the ASIS International directory or those operating internationally to gather their insights.

Internally, contact the department managing your corporate travel—often found within finance or risk management departments—to assess how many travelers typically go to the destination in question. They often have names or positions of individuals who have traveled there, which can be useful for risk assessment and understanding exposure levels.

Collaborating with your communications or government relations team may help you identify which individuals are likely to become key staff members.

Another internal resource is your information security team. These members monitor risks posed to the network and can provide insights into challenges related to travel where unlawful detention is a concern. There is often a link between unlawful detention and the protection of intellectual property, which falls under the IT security department’s scope.

By approaching this issue from multiple perspectives, you can present a comprehensive overview of the risks and propose mitigation strategies to help decision makers find the best way to address travel to destinations with detention concerns. As a result of this collaboration, combined with a thorough review of your confidential and open-source intelligence, you’ll be able to provide the following recommendations.

Information safeguards. In order to protect the organization’s intellectual property, strongly recommend that the member travel with a clean computer and smartphone—devices that have access only to specific software to allow for communication during the trip. The devices would be returned to the IT department after the trip for review and analysis of possible unauthorized attempts to access information. 

Travel safeguards. The social media footprint of each traveler should be carefully reviewed for any information that would be considered controversial in the destination country. To avoid being subject to unlawful detention, each member should be briefed and trained on what to do—or not do—when entering the country.

Communication protocols. A check-in system should be established requiring members traveling to communicate their location at specific times during the trip. This is particularly critical when they enter or leave the country in question. A good, simple solution is to leverage existing encrypted communications platforms like WhatsApp or Signal, provided they are permissible within the destination country.

Response planning. Based on your intelligence and review of the situation, you can recommend crafting a robust response plan for leadership should any member of staff be unlawfully detained. This can include prearranging in-country legal resources and proactively communicating with the appropriate diplomatic service for the traveling party to make sure they are aware of the travelers and prepared to respond should they be held unlawfully.

As shown by this scenario and its solution, many tools are available to security professionals for managing the often complex impact of geopolitics on business operations. Many of us have experience dealing with emergency situations and crisis management. A key first step in any crisis is to assess what intelligence you have and what you need to keep decision makers and risk owners informed. The most reliable sources of information are frequently accessible if you stay open-minded. This approach enables you to create reports and recommendations that support decision makers in choosing the best course to fulfill your organization's mission.

Ralph (RC) Miles, CPP, is a leader with decades of experience in corporate security, emergency management, and risk mitigation. He currently serves as the global director of security for Bombardier Recreational Products (BRP), a leading global manufacturer of powersports vehicles that employs nearly 16,000 people worldwide and operates in 130 countries. He serves as a member of the Board of Directors for the ASIS International CSO Center and holds the Certified Protection Professional (CPP) designation from ASIS International. His awards include the 2025 President’s Award of Merit from ASIS International, the 2025 Outstanding In-House Security Manager/Director from the Outstanding Security Performance Awards (OSPAs) for the United States, and selection as a 2025 Security Influencer by Security Journal Americas.