• News Releases
• Commentary
• Announcements
• Calendar of Events
• Multimedia

News Release

FOR RELEASE Monday May 10, 2004

More than one in three companies (36 per cent) expect terrorists to deliberately target their organisation or staff, according to research released today by RAND Europe and Janusian Security Risk Management, the security arm of The Risk Advisory Group (TRAG), in conjunction with (and published in today’s) Financial Times. The statistics mark a jump of 50 per cent over 2003, when 24 per cent of businesses expected to experience some form of terrorist attack.

Sixty-six per cent of respondents believe terrorism is now a ‘significant threat’ to their organisations, with four out of five (83 per cent) believing that this threat will increase over the next 24 months, according to the study which was conducted among security and risk managers at the UK’s largest corporations. These figures are an increase on the previous year at 63 per cent and 74 per cent respectively.

The survey reveals the level of concern the business community has about Al Qaeda and instability in the Middle East, with a staggering 93 per cent of respondents believing that the war with Iraq has increased the threat of global terrorism. Eighty eight per cent of organisations believe that Al Qaeda presents a higher threat than more traditional forms of terrorism—with 76 per cent being more concerned about Al Qaeda than traditional domestic terrorism in particular.

Respondents felt that the Middle East represented the region of greatest terrorism threat to their businesses (71 per cent), followed by Western Europe at 52 per cent. Surprisingly a region that has traditionally held high terrorism concerns for businesses, Latin America, comes bottom of the list with a figure of only 18 per cent threat-perception.

When it comes to ranking typical threats to business, terrorism was consistently rated by respondents as the most serious crime. Compared to threats from fraud, external crime, computer hacking and industrial espionage, terrorism was consistently rated as the most serious threat—a reversal on last year’s findings when cyber-threats were higher than terrorism.

More than half (57 per cent) of all respondents felt that unconventional weapons were likely to be used by terrorists in an attack, closely comparable to the figure of 58 per cent presented by cyber-terrorism. This is a marked difference to the 2003 results which indicated that cyber-threats were overwhelmingly seen to more likely than a WMD attack. Specifically threats from chemical or biological weapons stand at 30 per cent compared to 18 per cent in 2003, radiological weapons 21 per cent compared to 12 per cent and nuclear weapons six per cent compared to 12 per cent.

Importantly, only 16 per cent of respondents felt that security measures introduced since 9-11 have decreased their organisation’s ability to achieve its business goals, with 54 per cent feeling that security measures have had a positive benefit in this respect. Yet an overwhelming 77 per cent of organisations spend less than two per cent of their global revenues on security.

David Claridge, head of Janusian Security Risk Management, said:

“World-wide terrorism in 2003 has clearly had an impact on how businesses view the terrorist threat; compared to the past, organisations are now more worried about the threat from Al Qaeda’s brand of terrorism than anything else, including more traditional domestic terrorism and other categories of criminality

“Businesses are now clearly aware of the risk to their organisations from terrorism and are deeply concerned about it, foreseeing turbulent times ahead. Those that have introduced new security measures in response to recent terrorist attacks have felt the positive benefits towards achieving their business goals, dispelling the commonly-held assumption that security is always a hindrance to businesses.

“Businesses need to take steps to protect themselves and their staff from the increasing global threat of terrorism. Simple measures can be put in place, from screening employees to enhanced information management to travel security programmes. Our survey showed that many businesses are already employing these, but that a significant minority still have gaps.”

Kevin A. O’Brien, Senior Policy Analyst with RAND Europe, solidified these concerns, stating:

“While it is not surprising that the overwhelming majority of respondents saw the attacks of 9-11 as a significant increase in the threat to their business, it is most interesting to note that more than two-thirds of respondents felt the Madrid attacks of March 2004—which targeted the general public—were of greater significance threat-wise to their businesses than the November 2003 Istanbul double-bombings—in which HSBC was directly targeted—which only 50 per cent felt had had an impact on their perception of the terrorist threat.

“In addition, as MI5 increases its openness and assistance to businesses concerned about the threat of terrorism, it is notable that almost three-quarters of businesses appear to rely heavily upon government agencies for intelligence about terrorism, but only a third receive similar levels of advice on physical security. This is an area where co-operation with the Security Service needs continual addressing to meet the needs of businesses.

“Finally, it is also noteworthy that companies are recognising cyber-threats as being of at least equal weight to more traditional or physical threats against their businesses' bottom-lines. While obviously there is clear overlap between many of the 'real-world' threats noted in our survey and cyber-threats—which in many cases would serve simply as a conduit for these other threats—these figures clearly highlight the growing perception that businesses have of the at-least-equal threat presented from cyber-space to their business continuity.”

The study by Janusian Security Risk Management and RAND Europe, in conjunction with the Financial Times, polled the views of 88 security and risk management professionals at major corporations, the majority of whom were multibillion-pound companies with international operations. Fifty-two per cent of the companies have a turnover of £1 billion or more. All respondents were guaranteed anonymity, helping to deliver a significant respondent set in what is typically a very secretive area of business.

The research results will be presented at a half-day conference on terrorism risk and business—“Containment and continuity: terrorism risk management strategies for business”. This conference is jointly hosted by Janusian Security Risk Management and RAND Europe, and takes place in London on Thursday 27 May 2004.

Further enquiries:
Ray Eglington / Rachel Hall
Four Communications plc
T: +44 (0) 0870 420 3219
M: +44 (0) 7973 893208

##

Janusian Security Risk Management Notes to editors:

1. The Risk Advisory Group’s security risk management services are provided through its subsidiary Janusian Security Risk Management. www.janusian.com
2. The Risk Advisory Group is one of Europe's leading independent investigations and intelligence consultancies, specialising in providing analysis and advisory services to a wide range of private and public sector organisations. It was founded in late 1997 and currently employs 80 staff, at offices in central London, Moscow, Paris and Iraq. Further information is available at www.riskadvisory.net.
3. Photography is available from Rachel Hall (contact details above).
4. A copy of the report is available from www.janusian.com/survey

RAND Europe Notes to editors:

1. RAND Europe is an independent, not-for-profit institution that serves the public interest by helping to improve policy and decision-making through objective and multidisciplinary research and analysis. It works to find public-private solutions to shared problems. RAND Europe helps European governments, institutions, and firms with rigorous, impartial analysis of the problems they face. By disseminating analyses and ideas, RAND Europe also informs public debate.
2. Its offices are located in Cambridge, Berlin and Leiden—the first of which (Leiden) was opened in 1992. The Cambridge office has been operational since 2000, and the Berlin office since 2001. RAND Europe divides the broad spectrum of its work in the following areas: Health and Society, Information Society, Surface Transport, Aviation, Defence and Security, and Modelling.
3. Further information is available at www.randeurope.org. RAND Europe is an independent subsidiary of the U.S.-based RAND Corporation; further information is available at www.rand.org.