The safety arena is undergoing swift changes, and it’s crucial for leaders to remain one step ahead of the forthcoming risks. In this Perspective in Resilience, our Global Chief Security Officer, Tracy Reinhold, imparts valuable knowledge on how to fortify your organization’s security resilience, adjust to novel dangers, and cultivate a forward-thinking culture of readiness. Tracy provides concrete advice for leaders traversing the unpredictable environment of today, tackling both virtual threats and physical security hurdles.

The security landscape has never been more complex. In this blog, Tracy Reinhold talks about how leaders can stay ahead of growing threats and create a security strategy that keeps their organizations strong.

Corporate security has evolved dramatically over the past decade. No longer confined to physical risks like break-ins or property damage, security now encompasses cyber threats, insider risks, and even the impact of global instability. The convergence of physical and digital risks has created a complex threat landscape, requiring organizations to think holistically about security.

For security leaders, this complexity presents both challenges and opportunities. Those who adapt quickly, leverage technology, and foster collaboration across teams can position their organizations as resilient and forward-thinking. This blog explores the current security landscape, key leadership strategies, and actionable lessons for managing security in an era of constant change.

The current security landscape: Challenges and trends

The traditional view of corporate security, focused primarily on physical assets, has shifted dramatically. Modern organizations face a convergence of risks that are deeply interconnected. Consider these key trends:

1. The convergence of physical and digital risks

Cyber-physical threats are on the rise. For example, a cyberattack on a building’s access control system could compromise physical safety, while a disruption to IoT-connected devices could shut down entire operations. Organizations must address these hybrid threats with integrated strategies that span both physical and digital domains.

2. Global instability

From political unrest to natural disasters, global instability is introducing new vulnerabilities. According to the Global Peace Index, incidents of civil unrest have increased by over 50% in the past decade, affecting supply chains, employee safety, and business continuity.

3. The expanding security perimeter

The rise of remote work and hybrid models has blurred the traditional security boundaries. Home networks, personal devices, and cloud-based platforms have expanded the attack surface, creating new vulnerabilities for cyberattacks and insider threats.

These trends underscore the need for organizations to rethink their approach to security, moving from reactive measures to proactive strategies that anticipate and mitigate risks.

Key leadership lessons for modern security management

Effective security leadership requires more than technical expertise; it demands strategic vision, adaptability, and collaboration. Here are three essential lessons for navigating today’s complex security landscape:

1. Security is a shared responsibility

Security cannot be siloed within a single department. It must be embedded across the organization, with clear roles and responsibilities for every team. Employees should be educated about potential risks, from phishing emails to suspicious activity on-site, and empowered to act.

For example, a manufacturing company implemented a company-wide security awareness program, including regular training and simulated phishing exercises. As a result, employees became more vigilant, reducing the likelihood of both cyber and physical breaches.

2. Agility Is essential

In a world where threats evolve rapidly, agility is a critical capability. Security leaders must be able to pivot quickly in response to emerging risks, whether it’s a new ransomware attack or geopolitical instability.

Agility also requires access to real-time data and insights. Leveraging tools like threat intelligence platforms and incident response systems enables organizations to detect and respond to risks faster. For instance, a retail company used predictive analytics to identify potential disruptions during a major protest, allowing it to reroute deliveries and avoid delays.

3. Data-driven decision making

Data is one of the most powerful tools for security leaders. By analyzing historical incident reports, monitoring current risks, and leveraging predictive analytics, organizations can make informed decisions to mitigate threats proactively.

For example, a healthcare organization analyzed patterns of attempted breaches on its network and used this data to strengthen its defenses, reducing the likelihood of future attacks. Data-driven insights also help leaders allocate resources effectively, focusing efforts where they’re needed most.

The role of collaboration in security

Collaboration is at the heart of modern security strategies. No single team or department can address today’s multifaceted risks alone. Here’s how collaboration drives better security outcomes:

1. Breaking down silos

Security leaders must foster collaboration across IT, HR, operations, and leadership. For example, IT teams can work with HR to identify insider threats, while operations teams can coordinate with security to ensure physical safety during an emergency.

2. External partnerships

Collaborating with external partners, such as local law enforcement, emergency responders, and industry peers, enhances an organization’s ability to respond to crises. During a natural disaster, for instance, organizations that have pre-established relationships with emergency services can recover faster and protect employees more effectively.

3. Sharing threat intelligence

Participating in threat intelligence sharing networks allows organizations to stay ahead of emerging risks. For example, cybersecurity organizations that share data on new malware strains can help others prepare and defend against similar attacks.

Case studies: Security resilience in action

1. Tech sector

A global tech company faced increasing risks from cyberattacks targeting its remote workforce. By implementing zero-trust architecture, requiring multifactor authentication, and deploying endpoint detection tools, the company significantly reduced successful breaches. Collaboration between IT, security, and HR teams ensured smooth implementation and employee compliance.

2. Retail sector

During a period of heightened civil unrest, a retail chain leveraged its security operations center (SOC) to monitor real-time data on protests near its stores. The SOC coordinated with local law enforcement to implement precautionary measures, including adjusting store hours and rerouting deliveries. These actions prevented property damage and ensured employee safety.

Looking ahead: The future of corporate security

As the threat landscape continues to evolve, organizations must stay ahead by embracing innovation and fostering collaboration. The future of corporate security will be defined by adaptability, proactive planning, and the integration of technology and human expertise.

Key trends to watch include the rise of AI-driven threats, the growing importance of supply chain security, and the convergence of cybersecurity with physical security. Leaders who prioritize agility, data-driven decision-making, and collaboration will be best positioned to navigate these challenges.

Corporate security is no longer just about protecting assets—it’s about enabling resilience, building trust, and driving long-term success. By adopting these principles, organizations can thrive in an era of complexity and uncertainty.

Security resilience starts with leadership. Tracy’s approach focuses on preparation, communication, and building a culture of vigilance. Take a fresh look at your security posture today and see where your organization can strengthen its defenses.

Operational resilience is the ability of an organization to deliver critical business operations, even during disruptions. This concept, as defined by the European Banking Authority, emphasizes ensuring that essential services continue to function amid challenges such as cyber-attacks, natural disasters, regulatory changes, or supply chain disruptions. 

Unlike organizational resilience, which focuses on the broader capacity of an organization to adapt and survive, operational resilience focuses on maintaining critical operations. Its growing importance stems from the increasingly interconnected and complex environments businesses operate in today. 

Why operational resilience matters 

Disruption is an unavoidable reality in today’s business environment. With increasingly sophisticated cyber threats, geopolitical uncertainties, natural disasters and a hyperconnected digital world, the question is no longer if a critical incident will occur, but when. The ability to anticipate and mitigate such incidents can mean the difference between navigating the storm successfully or facing significant losses.  

Beyond financial impacts, failing to maintain operations during a crisis can severely harm your reputation and strain relationships with customers and vendors. In some industries, it could even lead to regulatory penalties. Being prepared is not just an advantage—it’s a necessity. 

For industries such as Financial Services, Healthcare, Energy and Utilities, Telecom, and Manufacturing, disruptions can have far-reaching effects. Operational resilience ensures: 

• Business continuity even under adverse circumstances. 
• Protection of critical services for customers and stakeholders.  
• Regulatory compliance, reducing the risk of penalties.  
• Enhanced organizational reputation, fostering trust and loyalty.  

Ultimately, operational resilience sets businesses up not only to survive but to thrive, ensuring they remain competitive no matter the challenges. 

Key elements of operational resilience 

Building operational resilience requires focusing on three critical areas: people, processes, and technology.  

People 

• Cross-functional collaboration: Teams from IT, security, leadership, compliance, and operations must work together to identify potential vulnerabilities and develop strategies. 
• Leadership is key: Leaders must foster a culture of resilience that encourages proactive problem-solving and organizational readiness. 

Processes  

• Protect critical business functions: Identify which processes are vital to operations and design safeguards to keep them running. 
• Flexibility is critical: Operational workflows must be adaptable to accommodate unforeseen challenges or evolving risks. 

Technology & systems   

• Robust IT infrastructure is essential: This includes cybersecurity measures, disaster recovery plans, and reliable data backup systems.  
• Modern tools pave the way for real-time insights: Technologies like artificial intelligence can help monitor vulnerabilities and predict potential disruptions. 

How to build operational resilience  

Implementing operational resilience starts with actionable steps that organizations can take today.  

Assessing operational risks & vulnerabilities  

• Conduct comprehensive risk assessments to identify potential threats.  
• Map out dependencies across operations, including third-party vendors and supply chains.   

Establishing a response framework   

• Develop incident response plans that outline clear steps to handle unforeseen disruptions.  
• Regularly test frameworks through drills and simulations, ensuring readiness during high-stress events.  

Embedding resilience into strategic decisions  

• Align operational resilience with business goals, risk management strategies, and business continuity planning.  
• Make continuous adaptation a priority, recognizing that risks and operational landscapes constantly evolve.  

Continuous improvement  

• Track performance over time using KPIs specific to resilience and refine strategies accordingly.  
• Stay informed about emerging risks and industry changes that may require new approaches.  

Operational Resilience vs Business Continuity  

While operational resilience and business continuity often overlap, they are distinct approaches.  

Operational resilience takes a proactive and broader approach. It considers not just internal operations but external dependencies, regulatory requirements (like DORA in financial services), and long-term risks.  

Business continuity, on the other hand, focuses on reactive measures, such as predefined plans to recover quickly after disruptions. Its priority is minimizing downtime and restoring operations.  

Both disciplines depend on cross-functional collaboration, emphasize the identification of critical business functions, and require regular testing. However, operational resilience builds on business continuity by ensuring adaptability to future challenges.  

Future of operational resilience 

The future of operational resilience is rooted in proactive planning and continuous improvement. To remain competitive, businesses must anticipate risks and integrate resilience into their everyday strategies.  

This means fostering collaboration across departments, leveraging advanced technologies, and aligning resilience with organizational goals. By combining operational resilience with business continuity, organizations position themselves to withstand turbulent conditions and meet future challenges head-on.  

Now is the time to act. Continuity experts should assess their organization’s operational resilience framework, identify gaps, and take strategic steps to strengthen it.

For more ways to operationalize resilience, visit our resource on understanding DORA and explore our Operational Resilience Solutions.  

Operational resilience isn’t just a priority—it’s a business imperative. Take the next step to protect your critical operations today. 

In December 2024 a prominent CEO was shot and killed outside of a Manhattan hotel where they were attending an investor meeting. The incident has drawn significant public attention, with speculation surrounding both the suspect’s motives and the broader implications for corporate security, given ongoing controversies and protests against the company at the time of the attack.

The best way to protect your company and your executive assets from this risk is developing a comprehensive executive protection and secure journey management plan.An intelligence led approach can limit your risk exposure and enhance your executive protection in a variety of ways.

– Adam DeLuca, Everbridge Director of Risk Intelligence

Monitoring

Early detection of threat and risk is invaluable to executive protection. Monitoring collection platforms in real-time allows you to identify potential threats before they become major problems and enables executive protection teams to proactively manage risk to their clients in a timely manner.

Utilizing different types of intelligence  

OSINT gathers information from publicly available sources. Human intelligence collects information obtained through direct contact with individuals who may have relevant insights. Signal intelligence monitors electronic communications and data to identify potential threats. Protective intelligence focuses specifically on identifying and assessing threats to an individual. These types of intelligence analyze incredible amounts of data from various sources to provide a comprehensive picture of the threat landscape to help shape risk assessments. 

Trend analysis / Threat assessments

Looking at the threat landscape and doing comprehensive threat assessments allows security teams to anticipate potential risks and vulnerabilities, develop targeted mitigation strategies, and make informed decisions to safeguard the principal through detailed situational awareness, rather than simply reacting to incidents.

Situational awareness

By monitoring real-time information, intelligence provides a comprehensive understanding of the environment surrounding the executive, including potential dangers in specific locations or during travel.