What retailers can do to navigate ‘perma-crises’

Leaders in enterprise and homeland security on living in a world where crisis never sleeps
Sheryll Poe
NRF Contributor

Incorporating crisis preparedness and response into any organization’s corporate strategy can minimize the impact of future disruptions, according to two leaders in crisis management and enterprise security at NRF PROTECT.

Whether it’s high-volume cyberattacks, organized retail crimes or the increasing incidences of violence in retail environments, “We’re all living in a perma-crisis. We’re moving from one crisis to the next,” said Jonathan Wackrow, COO and senior managing director of Teneo Risk.

“Our ability to respond, address and recover is all predicated by how we’re going to prepare on the front end, both as individuals but more importantly as organizations,” said Wackrow, a former special agent in the U.S. Secret Service who also serves as the global head of security for Teneo.

“If you study crises, the one thing that you can establish now is a very sophisticated situational awareness system.”

Juliette Kayyem, Harvard’s Kennedy School of Government

Disruption needs to be part of any organization’s business planning, said Juliette Kayyem, professor and faculty chair at Harvard’s Kennedy School of Government, where she oversees the school’s Homeland Security Project. “We can learn to fail safer,” Kayyem said. “If you study crises, the one thing that you can establish now is a very sophisticated situational awareness system.”

Kayyem, who is also the author of “The Devil Never Sleeps,” pointed to the recent wildfires in Canada that caused unexpected flight delays and cancellations at major airports and travel hubs in several major U.S. cities.

“Bad things are going to happen,” she said. “Part of the challenge now is where disaster management and our planning is not quite ready for is these sorts of apocalyptic events.”

Many threats facing retailers today are international and even global in scale. There is value in loss prevention, asset protection and cybersecurity personnel staying on top of rising issues even in areas where a retailer might not have a location, said panel moderator David Johnston, NRF’s vice president of asset protection and retail operations.

“Harm is global,” Kayyem said. “We’re not alone here in terms of catastrophes. Having a greater focus on — rather than the statistical likelihood of harm — just what would happen if that harm came. Nobody’s ever going to be truly ready, but [we want to be] minimizing harm.”

Wackrow said it starts with awareness of global events or geopolitical situations as well as knowing where an organization has assets and dependencies.

Asset protection

Browse resources and read NRF's latest articles related to asset protection.

“What are the influences that are beyond the continental United States?” he said. “Is it supply chain issues? Is it technology issues? What kind of dependency does your organization have on different parts of the world?”

The bifurcation of risk in the private sector is one area of concern. “After 9/11, everyone had a chief security officer, then [with the rise of the internet], a chief information security officer,” Kayyem said. “Now after the pandemic, everyone has a chief medical or chief health officer. How is that helpful? They need to be feeding into the chief preparedness officer — that’s a much better role in the private sector.”

Wackrow agreed, noting that the C-suite must be structured in a way that encourages partnerships and collaboration. “All these organizations have these key roles but are they working in unison with each other to address one common goal? Sometimes I think they’re not,” he said. Sometimes “they’re reacting or overreacting.”

Another area of great concern among retail security professionals is the rise in crime and violence in the U.S., Johnston noted, whether it’s an active shooter situation or violence committed in commission of crime.

Many factors have contributed to the increase in violence, including socioeconomic, changes in urban demographics, breakdown in communities, availability of guns and high-powered weapons and lack of prosecutorial consideration.

NRF PROTECT

Checkout the recap and learn more about NRF PROTECT 2023, covering insights and strategies on loss prevention, asset protection, digital fraud and cybersecurity.

“There is no simple answer or single solution,” Wackrow said. “It takes a strategy to go into these different communities to assess the key factors contributing to the rise in crime and then address those head-on, but it takes a whole community approach.”

When it comes to active shooters or workplace violence in retail, “these critical incidences are very formulaic,” Wackrow said. “It’s not normal to wake up on a morning and decide to go into a supermarket and kill people. There are things that have preceded that, along the behavioral continuum, which are red flags. We have to get smarter as organizations to identify early on and have that early intervention.”

That includes raising concerns about a disgruntled or at-risk co-worker, employee or former employee to human resources, legal and security — frequently and often. “Many jurisdictions have red flag laws that extend to employees,” Kayyem said. “The data suggests interventions work. We know from the data that the more barriers between ‘I have a bad thought’ and ‘I’m going to shoot a lot of people,’ the better.”

Related content

A Guide to Developing a Retail Supply Chain Cybersecurity Risk Management Plan
 
A woman working on a computer.
This guide identifies supply chain-related cybersecurity risks and offers best practices for retailers.
Read more
Fight retail crime during the holidays and beyond
 
Total Wine & More team members meet with Rep. Darrell Issa.
NRF’s third annual Fight Retail Crime Day mobilized the industry.
Read more
Cybersecurity in retail: How to bridge the trust gap
 
A photo of an individual working on the computer displaying work in security.
Data security is a key differentiator in today’s privacy-driven market.
Read more