Companies are rarely faced with counsel as diverse and contradictory as that on terrorism

risk management. For instance, the Organisation for Economic Cooperation and Development

(OECD) thinks the danger is so great that insurance should be mandatory, while others say it

is so small that action does not even merit a cost−benefit analysis. As such, it is possible that

the issue has little to do with actual risk, and much more to do with the perception of risk.

After all, although it may not seem like it, terrorism is waning and according to the US terrorism

Country Report, international terrorism has been in decline since 1987, with fewer than

half as many incidents in 2005 than annually during the peak years of the mid-1980s. Moreover,

in spite of the horrific events of September 11 2001, in New York, fewer people were killed by

acts of international terrorism in that year than in 1998. What has changed, however, has been

the emergence of the once-sheltered US business sector as a target for international terrorism.

Businesses are now more likely to be attacked than other targets, including diplomatic,

government and military facilities and two-thirds of those attacks invariably use bombs, not in

the Middle East, but in South America and Asia. For this reason it can be argued that business

needs to catch up on the lessons of terrorism management, long-since applied in diplomatic

and military circles.

After September 11 2001, the new focus on terrorism in companies saw all eyes turn to

insurance and, thanks to a US state reinsurance scheme, four years later, 44 per cent of US

businesses are covered against terrorism. In the heavy lobbying that preceded this move, it

was assumed that insurance was unquestionably desirable in the face of terrorism risks, and

the OECD went so far as to call for mandatory terrorism insurance. However, the OECD’s

conclusions were rooted in an analysis of September 11, and it argued that a similar event

now would prove even more costly, making the paucity of insurance alarming.

This begs the question of whether businesses should be prepared for more attacks along

the lines of September 11. According to Justin Priestley, director of the crisis management

division at risk managers Aon: ‘It will be years before another such attack.’ The war on terror

has knocked back the expertise, commanders and financing of al-Qaeda and the foreseeable

terrorism risk is now of the home-grown variety, on soft targets, he says. The attacks in

London on 7 July 2005 were typical of this under-resourced, ‘brand terrorism’. While this

was the deadliest single terrorism event in London, with the most explosions, one study by

the Victoria Transport Policy Institute argues, that when commuters view public transport

as dangerous and switch to cars, traffic accidents kill and maim more people than terrorism,

and this makes it vital to manage perceptions of risk. Thus public transport and companies

too must be seen to be exercising a duty of care if they are to continue business as normal.

Moreover, being a visibly soft target is a poor management strategy, whether or not you are

in a terrorism-target city.

In the US, 2 per cent of disasters that befall companies are the result of malicious acts and so

there are very few are acts of terrorism; disgruntled staff are a far greater threat. Indeed, in food

production or the chemical industry, the potential for malicious damage makes the security

of production facilities a corporate duty and the same element of responsibility applies to

contingency planning. For example, a recent survey by insurer Royal & SunAlliance found that,

since the London attacks, just one in seven British businesses had reviewed their contingency

plans for terrorist attacks, although in London one-third had. Yet across all potential business

disasters, including fire, avian flu, flooding and hurricanes, the consequences of terrorism are

similar to those of other risks; premises can be destroyed, staff killed and communication

temporarily destroyed.

Essentially, poor preparation for terror attacks reflects weak risk management. In the past

two years, vanguard companies have grasped this and begun turning to specialist advisers to

ensure they are better prepared. For example, security experts can train staff at entrances to

15

spot a reconnaissance operation and advise on the design of buildings, says Mark Cooper, a

director at security consultancy C2i International. In concentrating resources on security and

contingency planning, companies can also reduce terrorism insurance premiums and this is

particularly important once terrorism insurance is needed, says Graham Heale, underwriting

director at Royal & SunAlliance. Through the Pool-Re system, UK companies have access to

terrorism cover across all their properties. But often, companies seek insurance only for a

trophy building or new buildings where financiers require such cover. This has caused the

stand-alone market, which allows for bespoke terrorism insurance to grow to a capacity in

2006 of $1.3bn, says Aon. Thus companies are becoming more sophisticated in their response

to terrorism risk.

The best are improving their security and contingency planning and buying targeted insurance

policies. But many more have yet to see that the business consequences of terrorism resemble

those of many other possible disasters, which can, and should, be prepared for.

Source: Luesby, J. (2006) Terrorism: it is perception that counts, Financial Times, 25 April

1. What are your views on the risks facing British business from international and domestisc

terrorism?

2. Do you feel that business takes these risks seriously enough and, from what you have

read in the chapter about the process of perception, how do you account for the

apparent lack of attention focused on this matter?

3. What, in your view, should be the approach of British businesses to the potential

threats from international and domestic terrorism, and what practical steps could

firms take to protect their employees and customers to risks of this type?