Two waves of coronavirus, the economic crisis and acute social discontent provoked by COVID and other factors, tensions in the international arena have raised serious questions for global business.
Private business has entered a zone of steep turbulence. The travel, transport and HoReCa sectors are on the brink of survival, manufacturing and trade are going downhill, the labor market is sinking, countries are looking towards the localization of goods production.
All of the above problems have affected, perhaps, all the inhabitants of our planet. They did not bypass the Republic of Belarus either.
Under these conditions, any responsible company's owner or executive inevitably begins to think about future of their business. It causes an understanding and comprehension of the problem of business security.
Business security is the level of protection of vital business interests from internal and external threats and the degree of resilience against destructive influences.
It would be incorrect to say that until 2020-2021 business security did not play any role for most economic entities.
In accordance with the general theory of business security, there are five basic threats:
- threats associated with competition (for example, illegal actions to discredit a competitor's product);
- threats associated with a human factor (for example, negligence of own employees);
- threats associated with organized crime;
- threats related to the activities of the government (corruption, imperfect legislation, administrative resources, politics, etc.);
- threats associated with human-made and natural factors.
Until 2021, to ensure the security of their own enterprise, medium-sized business leaders only needed to plan resources to counter two types of threats: unfair competition and the human factor. Neutralization of other threats was not required or was carried out when a real danger emerged.
The fight against unfair competition also did not require too high costs: it was necessary to find out the “culprit” on your own and send a lawsuit in court for compensation in time. And to neutralize the human factor, the most effective way has always been to dismiss the bad employee and hire a person with an impeccable reputation.
In the post-Soviet space, representatives of local medium and small enterprises most often did not consider it necessary to allocate any significant budget for supporing the organization with B2B services. As a rule, the majority of managers paid due attention to accounting, the most progressive ones tried to introduce modern innovative technologies into legal work, applied for an external audit.
At the same time, no less important areas such as business planning, business security, managerial accounting, technical support, business process improvement, in most cases were financed on a leftover basis until 2021. Only large enterprises, banks and hi-tech business (software, hardware, etc.) could boast of streamlined processes in these areas.
Due to the fact that the company management did not pay attention to corporate security, most often the main responsibilities of the absolute majority of corporate security services were limited to protecting the company's buildings, preventing theft of inventory items, less often to scheduled inspections of counterparties (in contract work) and installing DLP-systems (Data Leak Prevention, information leak prevention programs) on the company's servers.
Everything was changed in 2020. The transition to remote work model mainly broke the information security paradigm that had been formed over the years. Now the information network of a business entity should be maximally protected from hacking.
Practice has shown that only the local network of an enterprise can be absolutely secure, the remote workplace of an employee is a wide "window" of opportunities even for a novice hacker. In fact, most of the systems have either already been hacked, or may turn out to be hacked, and the main task of any security system in remote operation model is to detect the attack and the attacker in the system as quickly as possible, to reduce their time capabilities in producing irreparable harm.
In this regard, one of the main trends in 2021 is the growing demand for highly intelligent means of protection that allow solving problems of timely detection of attacks and incidents. In particular, we are talking about security information and event management (SIEM), network traffic analysis (NTA), complex antiAPT solutions. At the end of the year, there has been an almost threefold increase in interest in technologies of this type.
Practice shows that every month there are new and newer risk factors for the security of doing business. The upcoming drop in the incomes of citizens in many countries and the bankruptcy of a number of companies are highly likely to lead to an increase in the number of economic and property crimes.
In this situation, business leaders are forced to build a strategy for protecting the main objects of corporate security from scratch, including business process, management and HR, assets, financial resources, material values, information resources, and the company's reputation. And, paradoxically, wealthy people, as in the 90s, again prioritize personal safety.
In addition, business security is not limited only to the physical protection of employees and property. An effective risk management system that meets the requirements of modern international standards is in demand.
In Belarus, the normative regulation of activities related to the security of doing business is in its first stage. There is of November 8, 2006 No. 175-З "About guard activities", but it is mainly designed to regulate the civil protection of company's property and employees, and to regulate the activities of the paramilitary guards.
We have to admit that in the field of corporate security of the Belarusian business in the modern Belarusian conditions there is a legal vacuum and this vacuum needs to be filled with something. It is very important to competently apply the existing international experience in this area, as well as take into account the national characteristics of our country.
I would like to note that large Russian business, albeit on a different track, is also following this path, trying to be incorporated into the world economic system.
Analyzing business security solutions offered by well-known international companies (Whitegates Security Consulting Ltd, Kroll, etc.), I want to mark a comprehensive security audit, the formation of a company's security architecture, due diligence, compliance and cybersecurity as the highly practically interesting for Belarusian business entities.
But the implementation of such solutions requires serious financial costs from the company, hiring of highly qualified specialists and end-to-end expert support at all stages of the formation of the security architecture.
In this situation, the most predictable business security trend will be a significant increase in the activity of attracting external consultants who have an extensive international network and are able to quickly form teams of highly specialized professionals to solve emerging problems (the so-called trouble-shooting).
But, as you know, security issues are so intimate for business owners that even in the presence of an obvious threat, the owners do not always dare to involve external experts to solve them.
Practice shows that an ideal decision for a Belarusian business in planning security issues is to use the services of so-called boutique consultancy, the main difference from the classic one is a personal approach to each client, the ability to form situational teams from highly qualified experts from all over the world and a reasonable price for the services provided (the price is always lower in comparison with the classical model, since the specialists do not always work on the staff of the company and there is no need to incur overhead costs).
At the same time, among the modern trends in the development of security consulting in our Republic, the formation of an end-to-end consulting practice of business security as the complementary team of a financial consultant, business analyst, lawyer and security expert.
Such a team should arouse the greatest trust if it includes a former law enforcement officer with a solid experience as a security expert and who is sufficiently proficient in both the basics of legislation and law enforcement practice. An invaluable role in this will be played by an expert's knowledge of the basic laws of behavioral economics (a direction of economic research that studies the influence of social, cognitive and emotional factors on behavior in the economy, economic decision-making by individuals and institutions, and the consequences of this influence on market variables: prices, profit, resource allocation). It will allow to predict with maximum accuracy the strategy of behavior of counterparties, employees, competitors, and inspection bodies.
It happens that businessperson resort to business security services only when the danger has already come and it is difficult to "rewind". Specialists can no longer help and the customer has to, depending on the area of the problem: take out loans on unfavorable terms, turn to expensive lawyers "without a guarantee of success", sell the business, start a liquidation, etc.
Thus, 2020 is a turning point in the strategy of economic and commercial development of Belarus and the world. We are witnessing the formation of a new paradigm of business security for private structures.