Companies today are critical role players in matters of public security policy. Their actions are often guided by the national and international regulations in the current era of globalization. The roles played by corporations may not be well understood as explained and argued by some authors. A statement by Briggs posits that “companies, on the whole, have not grasped their wider responsibilities in relation to security and have failed to imagine themselves as being part of the public policy discourse.” This essay critically evaluates the statement regarding how it best applies to modern businesses and their security policies. A definition of the concept of security and an examination of the discourses in public policy will be presented to form the basis on which the arguments are made. The main argument here is that private organizations have been responsible for their own security which can be seen as critical contributions to public policy.
The discourse in public security policy reveals that society faces several common challenges such as terrorism. The literature also affirms that the corporate sector can play a large part in resolving these problems (Hayes & Ebinger, 2011). However, the statement above that companies has not understood their role means that it is prudent to examine the current issues surrounding public policy and the role of the private sector in the context of security. Several authors have tried to define the concept of security in its general context while others focus on corporate security. One of the basic definitions of security is the assurance of freedom from want or poverty or precautions taken against espionage or theft. In simpler terms security entails the realization of a stable and predictable environment in which an individual or a group can pursue certain ends without harm or fear of injury or disruption (Brooks, 2010). In national security, the focus is usually on ensuring the physical survival of the country and the protection against anyone trying to encroach upon it (Snow, 2017). Depending on the context, therefore, security means protection against adversities.
The concept of corporate security provides a better approach to examining the role of private institutions in public policy. Researchers such as Walby and Lippert (2013) attempt to distinguish between corporate security and contract private security and emphasize that the former is concerned with the protection of assets, information technology, and personnel within the businesses. Similar definitions have been offered by Meerts (2013) who explains that business security entails specialized private safeguards offered to the private businesses and, in some cases, public institutions. Regardless of the definition, many publications reveal that modern businesses understand the need for security, especially during the digital age, and most have put in place measures and frameworks to achieve ultimate security (Simonsen, 1996; Lippert et al., 2013; Aleem et al., 2013). In the context of digital technologies, several studies explain how firms have tried to implement security infrastructures to safeguard their systems (Palmateer, 2017; Zhang, 2018; Zhang et al., 2019; Khan & Salah, 2018). These studies reveal that the topic of security is taken seriously by firms as well as scholars.
It is important to examine what the statement by Briggs means before examining its correctness within the modern business environment. The statement highlights that the main issue is the role of corporations in matters of public policy. The literature cited above majorly focuses on how the security concerns are addressed within the private institutions and does not indicate the implications on a country’s security policy. The specialized protection described by Meerts (2013) or the security infrastructure for the digital systems expressed by Palmateer (2017) are concerned with the private sector and not the public sector. The Briggs statement insinuates that businesses do not see themselves as part of the public policy discourse. Such a sentiment can be evidenced by that even studies on the public security policy hardly mention the engagement of the private sector. It has been over a decade since that statement was made, and the question that should be asked is whether there are discourses linking the private sector to public policy.
In answering the above, it can be argued that the national policies regarding the protection of critical infrastructure (CI) tend to consider the role of private businesses. The discourses on CI security can be seen as bringing together government efforts and corporates’ security frameworks. The study by Hayes and Ebinger (2011), for example, expresses that the risk and responsibility practiced in the private sector plays an important role in safeguarding the infrastructure of a particular country. In a publication by Retter et al. (2020), which focuses on the Dutch government, a definition of critical processes, infrastructure, and sectors is presented to include those owned by the private firms. In other words, if a government like that of the Netherlands seeks to ensure the ultimate safety of the country, all assets owned and operated by the government and major corporations are included the policy formulation. It is argued here that these policies will require the input of all stakeholders, private and public. These publications are examples of modern public policy being influenced by private entities. They show discourses on private organizations playing a vital role in public policy.
Some modern studies have attempted to show that the public policy is a joint responsibility of the public and private sector or that the security concerns are transferable between the two. A study by Petersen (2013) labels security professionals as hybrid agents between national and corporate security. That is to say that the personnel responsible for a business’ security issues has to be familiar with the national security as well. The policies across the two sectors are interconnected and tend to influence each other. The firms may not see themselves as directly responsible for national security but they make efforts to protect the resources within their jurisdiction. Such efforts can be considered responsibility reflected in actions rather than in discourse.
Other publications have expressed the need for a collaboration between the public and private sectors on matters of security. For example, the private-public collaboration is regarded by Meerts (2019) as a necessity for coexistence. This author is quick to notice, however, that the collaboration often means the private businesses to cooperate with the government in the formulation and enforcement of the public policy. Regardless of the nature of these relationships, the basic idea is that organizations are starting to play a vital role in the implementation of government policy. Meerts (2020) has continued to examine the public-private relations in matters of corporate investigations among others meaning her publications illustrate the desire to merge the two sectors for joint public policy development. Additionally, Stout and Gramitto (2018) view corporate governance as “privately ordered public policy” (p. 551) meaning businesses can be at the center of the public policy efforts. These researchers have tried to counter Brigg’s statement that businesses are not being responsible by outlining ways in which they are or can be useful in matters of public policy.
It is also important to acknowledge that the security needs and approaches for the businesses can be different from those of the government. The discourses in public policy can only force firms to be part of it if the policies directly address the specific interests of the private sector. Revisiting the definition of corporate security, it emerged that private companies are focused on controlling the governance across the organization and safeguarding the information, people, and assets it controls (Ludbey et al., 2018). It is a matter of self-protection which can be seen as adding a layer of safety on top of that offered by the government. Each company faces different challenges in areas such as information security or cyber threats. The approach of security matters from a risk management perspective makes modern businesses attempt to shift from risks to competitive advantage (Briggs & Edwards, 2006). The perception is that rewards are derived from taking risks, meaning businesses will embrace risk whilst public policy could be seeking to avert it (ASIS International, 2010). This is a reason why the two discourses can be expected to diverge.
A vital critique of Brigg’s statement can be in the form of the question of what private businesses need to do to prove that they are part of the public policy. A further criticism can be achieved by asking how governments develop public policy in a country where the key economic actors are the private entities. A rational argument is that government responsibility is the protection of people and property, both public and private. In this case, discourses in public policy are inadvertently discussing security requirements in all sectors. The discussion of critical infrastructure protection discussed above illustrated this point. It is emphasized here that public policy focuses on all critical processes, infrastructure, and sectors (Retter et al., 2020). Additionally, the public-private relations in matters of public policy reveal businesses have a key role to play. Therefore, Briggs needs to explain how businesses have alienated themselves from public policy discourse and explain what they need to do to engage themselves in such discourses.
In conclusion, Briggs’ statement fails to properly depict the role played by the private sector in the formulation and implementation of the public sector. Firstly, the businesses’ security needs are more specific to them as explained by the need to hire private security. With the government offering a general framework, the firms can be allowed to use the opportunity to tune their infrastructure to suit their needs. Secondly, the inadequate literature linking private businesses and national policy cannot be blamed on the corporations. Such links are starting to be developed with several studies explained above proving the public-private relations are a reality and that the protection of CI requires collaboration between the two sectors. Companies have implemented their own security systems to protect people and resources, and this is seen as an adequate contribution to the broader national security.
References
Aleem, A., Wakefield, A., & Button, M. (2013). Addressing the weakest link: Implementing converged security. Security Journal, 26, 236-248. Web.
ASIS International. (2010). Enterprise security risk management: How great risks lead to geat deeds. The CSO Roundtable of ASIS International.
Briggs, R., & Edwards, C. (2006). The business of resilience: Corporate security for the 21st century. Demos.
Brooks, D. (2010). What is security: Definition through knowledge categorization. Security Journal, 23, 225-239. Web.
Hayes, J., & Ebinger, C. (2011). The private sector and the role of risk and responsibility in securing the nation’s infrastructure. Journal of Homeland Security and Emergency Management, 8(1), 1-25. Web.
Khan, M., & Salah, K. (2018). IoT security: Review, blockchain solutions, and open challenges. Future Generation Computer Systems, 82, 395-411. Web.
Lippert, R., Walby, K., & Steckle, R. (2013). Multiplicities of corporate security: Identifying emerging types, trends and issues. Security Journal, 26, 206-221. Web.
Ludbey, C., Brooks, D., & Coole, M. (2018). Corporate security: Identifying and understanding the levels of security work in an organisation. Asian Journal of Criminology, 13, 109-128. Web.
Meerts, C. (2013). Corporate security – Private justice? (Un)settling employer–employee troubles. Security Journal, 26, 264-279. Web.
Meerts, C. (2019). Corporate investigations, corporate justice and public-private relations: Towards a new conceptualization. Palgrave MacMillan.
Meerts, C. (2020). Corporate investigations: Beyond notions of public-private relations. Journal of Contemporary Criminal Justice, 86-100. Web.
Palmateer, K. (2017). Defining security in primary key infrastructures. Journal of Information Technology & Software Engineering, 7(5). Web.
Petersen, K. (2013). The corporate security professional: A hybrid agent between corporate and national security. Security Journal, 26, 222-235. Web.
Retter, L., Frinking, E., Hoorens, S., Lynch, A., Nederveen, F., & Phillips, W. (2020). Relationships between the economy and national security. Rand Europe.
Simonsen, C. (1996). The case for: Security management is a profession. Perpetuity Press.
Snow, D. (2017). National security. Routledge.
Stout, L., & Gramitto, S. (2018). Corporate governance as privately-ordered public policy: A proposal. Seattle University Law Review, 41, 551-576. Web.
Walby, K., & Lippert, R. (2013). Introduction to special issue on new developments in corporate security and contract private security. Security Journal, 26, 201-205. Web.
Zhang, D. (2018). Big data and privacy protection. Advances in Computer Science Research, 77, 275-278. Web.
Zhang, R., Xue, R., & Liu, L. (2019). Security and privacy on blockchain. 52(3), 1-34. Web.