Interviews
'Many MNCs are set to double their allocation for security'
 R K Sinha, CMD, Security and Intelligence Services
 Sebastian PT

The November 26 Mumbai terror attack has been a rude awakening to corporates. It demonstrated how chillingly close terror can come and how important it is to put in place effective measures to counter it. Ravindra Kishore Sinha, Chairman and Managing Director of Security and Intelligence Services (SIS), a Delhi-based private firm, which provides security-related services to over 3,000 blue chip clients, spoke to Sebastian PT on how 

companies have to revamp its security strategies. Excerpt of the interview:

 

How have corporates changed their attitude towards security?

 

Today, the subject of security has entered the corporate boardroom. Senior board members take it up as a strategic issue. Earlier, it was left to the administration department or to the security in-charge.

 

All these years, security was considered as a support function, rather a necessary evil, without much use. But now, management has realised that security is an important mainline function just as marketing or finance is because, a security failure can have a terrible impact on a company.

 

Corporates now realise that all enterprises have to take care of broadly two functions: One is increasing productivity and profitability through better production, marketing, finance strategies. Secondly, they have to prevent losses. Factoring in loss is as important as production itself. Suppose a company invests about Rs 1,000 crore to build infrastructure, hire people, buy raw materials, process it and then sell it in the market to, say, earn Rs 50 crore (about 5% of the investment) in a year. But if there is a leakage of, say, Rs 10 crore, then it should not be perceived as 1% of the investment amount but as 20% of the profits. So, if this loss is prevented, the bottom line goes up by 20%. Managements have started realising this. Security will gradually become a direct reporting subject to the CEO in all companies.

 

When did a paradigm shift in perception on security happen?

 

After 9/11, there has been a paradigm shift in threat perception by corporates worldwide, including those in India.  However, in the last six months, three incidents have made Indian corporates change their perception towards security. First, the Jaipur, Bangalore, Ahmedabad and Delhi serial blasts this year, triggered demand by the retail sector-especially shopping malls which saw lesser footfalls-and the hospitality sector.

 

Second, the Singur incident (where the Trinamool Congress chief Mamata Banerjee laid siege on Tata Motors’ Nano car project, which then had to be shifted to Gujarat) opened the eyes of the manufacturing sector and the mining industry to the need of security in order to protect their assets from angry villagers and violent political demonstrations. Tata Motors is our client and we provided security cover at Singur and are now involved in shifting their equipment to Sanand, Gujarat.

 

Third, the killing of the CEO of a Italy-based company in Noida by sacked workers has made many MNCs sit back and take a deep look at the need for security cover for its top management.

 

That apart, many expats refuse to come down to India unless they are sure that proper security would be provided to them.

 

How has the Mumbai attack changed security risk perception?

 

With the Mumbai attack, terror has taken a new dimension. It raises many questions, like how equipped are we? There were about 10 private security guards at the Trident, but all of them had nothing but batons with them while the terrorists wielded AK-47s. Three of the guards got killed. The guards are sitting ducks as they are invariably the first targets of terrorists. Even if a few of the guards had automatic weapons, then they probably could have killed the terrorists or at least restricted them to the lobby or the reception and could have reduced the mass murders that followed. We face the same handicap in all our fronts, whether it is guarding corporates or institutions.

 

What kind of policy changes do you expect from the government?

In India, though the Private Security Agencies Act, 2005 has regulated private agencies, it still doesn’t allow them to carry weapons. The security men guarding our monuments and ATMs have the kind of weapons that private citizens can buy if they have a licence. It is necessary for the government to decide whether paramilitary forces would man such sites or buildings or to allow private security agencies to carry automatic weapons.

Also, licences are provided at district-level, which is a cumbersome process. We have a presence in about 25 states, but still have to go through the ordeal of procuring licence at each district. There should be a national regulator who will issue licences at the national level.

 

But many argue that issuing arms licences to private agencies is a very complicated issue, as it could become very difficult to control and regulate the use of weapons...

 

All private security agencies need not be given arms licence for automatic weapons. The government will have to put in place some parameters for the security agencies—violation of which would lead to the cancellation of their licences. Something similar to the way it is for telecom operators. Some parameters could be a minimum annual turnover of Rs 100 crore; employing 10,000 or more guards; and an experience in security business for a particular number of years.

 

The government will have to trust them. More importantly, it is necessary to have a caveat on restriction on companies that have stakes by foreign individuals or companies that are Chinese, Pakistani and the like.

 

What has been the kind of fund allocation by corporates for security in recent times? How much needs to be invested depending of the kind of companies?

 

So far, most corporates have no allocation for security needs. A junior officer in the administration would say he wants 20 or 30 people. Interestingly, most corporates say they do not want any supervisory staff as that would mean more expenses.

 

Now, they have realised that security is a professional job and you need supervisors. They have also realised that a third party has to evaluate the security threat, design a counter measure and indicate the necessary manpower and equipment required for addressing the threat perception. They are now asking security agencies to come with a security plan and make a presentation. 

 

Though the actual numbers and percentage would depend on company to company, many MNCs are set to double their allocation for the coming fiscal (2008-09) for security.

 

How important is it for vetting an employee’s background in the current scenario?

 

The present terror threat scenario all the more makes it mandatory for all companies to vet their employees. Pre-employment and post-employment verification is necessary. Unfortunately, the police verification in India is very perfunctory; it consists of only saying whether a certain person has a criminal record or not. But this isn’t enough. You have to go into details such as the criminal background of a particular person’s entire family; his traits and behaviour and so on. We have a separate division for this.

Currently, Indian companies mostly do background verification for people joining at a fairly senior level. Though some companies are now trying to expand verification of most employees.

 

What are the does and don’ts that you would advise CEOs?

1) Terrorism is a rude reality and there seems to be no solution to this menace in the foreseeable future. There is no choice but to learn to live in this kind of a scenario.

2) Assess the intangible cost of a terror attack, and not just in monetary terms. A Tata may well be capable to rebuild the Taj Hotel, but what about a small company? One such incident can finish off their business for good.

3) Invest in a "near" foolproof security programme designed by experts or professionals. There can’t be a 100% fool-proof programme but the best possible preventive and protective measures have to be taken.

4) There is no single formula or thumb-rule for security operations and the need for each company could differ from the other. But some basic standards have to be followed.

5) Make security audit a constant and regular feature and should be given the same importance as a financial or a management audit.

6) The scope and description of security work should be very clearly defined and settled. There should be no scope for discretion by the security personnel. For instance, if a general manager forgets to bring his "swipe card" for entry into the office premises, the guard should simply not allow the GM to get in irrespective of the familiarity of the person concerned. Go in for biometric IDs.

7) A foolproof detection and communication system. There should be multi-layer tiers for checking both people and baggage. It is important to install the latest equipment to screen people (employees, vendors and guests) and baggage); have active camera surveillance and upgraded technology depending on the levels of risk and necessity.

8) Reduce and regulate access points. It is important not to down guard on regular vendors also. More entry points would only increase security threat as it involves increased logistics and difficult on coordinating security measures. Even hotels will do best to reduce their multi-entry points.

9) Put a contingency plan in place by maintaining a database backup of the entire computer operations and records at a location far away from the building. So, even if the records are lost due to an exigency at the building, there is always a backup and continuity in business.

10) Have regular interactions with the security staff so as to keep their morale high. Remember, they are the ones who put their lives on the line of duty.