The organisational landscape has changed rapidly since the start of the 21st century, leading to more demands on security professionals who need to have a high-level and overarching understanding of the complexities of the organisation. Increasingly, there is a greater need for awareness of the demands, and limitations, of the socio‑technical interface within organisations. This is within the context of a culturally diverse, highly mobile workforce, operating in a global competitive environment against a background of new and increased risks from multiple sources.
Several critical aspects have influenced the way organisations operate in this century. Some factors are intrinsic to the organisation, while many others are beyond the direct control of organisations. Several notable influencing factors are the pace of change, which seems certain to continue to increase; global competition; additional and different risks and threats, including disruptive digital technologies; changing vectors; and the changing relationship and expectations between employers and employees.
In resilient organisations, this has led to a management cultural revolution and, given these imperatives, effective security professionals today are those who no longer embrace parochial practices, but rather international security management practices, including understanding and being equipped to address socio‑technical challenges.
Technological advances have improved communications, encouraged innovation and creativity and saved time within an organisation. Technological gains have also changed the way people engage and interact with each other, especially in the workplace. Recognising the need to optimise the relationship between the technology system and the social system is one of the most demanding areas and pressing imperatives for security managers. Some technological advances have redefined socially appropriate and acceptable behaviours in the workplace, such as sending emails to the person in the next office or work cubicle instead of speaking to them directly. Yet, some technological developments can also cause people to be distracted, overly stressed and potentially isolated in their work environment.
Part of the daily work of security professionals and managers is to deal with problems which occur during everyday business and organisational operations. These daily problems can be about tangible issues such as infrastructure, communication equipment, supply chains and so on. Other problems can be less tangible, such as informal networks, interpersonal communications, human relations, employee discontent and passive-aggressive disruptive behaviour. While some of these types of problems can appear, at least to the superficial observer, to be time consuming and not directly security related, some can be more insidious and destructive to the overall integrity and resilience of the organisation and its future if they are not detected, monitored and mitigated as soon as possible.
With the socio-technical imperative in mind, an integral aspect of a resilient organisation today is good human resource management and it should be a fundamental quality of all security managers and professionals. Just as a good manager should not allow a valuable machine or other asset to break down because of lack of maintenance, similarly, a security professional should not allow a valuable human contribution to be lost or become vulnerable because of lack of proper care and appropriate attention.
Levels of job satisfaction, job involvement, organisational commitment, absenteeism and turnover, as well as poor or inadequate performance, can be early and critical signs and potential indicators of inhibitors of resilience within an organisation. These types of indicators can also help identify potential weaknesses in the security of the organisation.
It is imperative that all security managers and professionals today understand the complexity of the inter-relationships within each organisation and do not view people or technology in isolation of each other, but recognise each component as part of the overall socio-technological system contributing to organisational resilience.