Almost a year ago, Wall Street analysts were saying that it was time to buy security firm stocks. The presumption was that the demand for security enhancements at most major U.S. companies would soar following last September's terrorist attacks. Of course, government officials strongly reinforced this notion by suggesting that it was not a question of whether there would be more terrorist attacks, but of when and where the next attacks would take place.
According to a new Gallup/UBS Employee Outlook Index August poll*, however, the demand for security upgrades at most U.S. companies in 2002 is not at all what people expected it to be. Most employees at for-profit, private sector firms say that the companies they work for have not upgraded their security for employees or for business records/data over the past 12 months. At those companies that have made an effort to improve security, most employees say the changes made have been minor.
At first blush, this lack of effort to upgrade corporate security on the part of most U.S. businesses seems surprising. But upon closer inspection of the issue, holding back on security upgrades may have been a very logical financial decision. A year later, although the danger of another attack still seems real, it is not hard to understand why most business leaders might assume that the chances their company would be impacted directly are minute -- particularly if they don't have facilities in the nation's most prominent cities.
In other words, the risk-reward ratio for most companies in the United States may not financially support a major increase in security efforts. And even where they do, decision-makers may opt to postpone such upgrades until economic conditions improve and/or the risks of loss become more apparent. In the meantime, companies will leave the problem of potential terrorism to the federal government. Of course, the nation's airlines made these same kinds of calculations and decisions with regard to airport security prior to last September, with disastrous results.
No Effort to Improve Employee Security
Nearly two out of three (62%) employees at for-profit, private sector firms say that the company they work for has not upgraded security for their employees since the Sept. 11 attacks. Another 23% say that their companies have made only minor improvements to employee security. Just one out of eight employees (13%) say that their company has upgraded its employee security a great deal over the past year. Although the sample sizes are relatively small, it appears that the lack of employee security enhancement is fairly uniform across regions of the country.
Little Effort to Improve Data Security
Four in 10 (42%) employees say that the company they work for has not upgraded its security for business records and other data since Sept. 11. Nearly one out of four employees (23%) say that their companies have made minor upgrades to improve their data security and about the same percentage (24%) say they simply don't know if any changes have been made. Just 10% of employees say that their companies have upgraded their business record/data security a great deal over the past 12 months. Once again, the lack of effort to enhance data security appears fairly uniform across the country.
Key Points
Over the next week, the nation's attention will focus once more on the Sept. 11 terrorist attacks. Some observers will point to all the signs -- that, in retrospect, should have been recognized before the attacks. They will ask why someone didn't do something to enhance airport security or make other efforts to prevent the tragedy.
This may also be a good time for U.S. businesses to reconsider their employee and data security with respect to the new potential threat of terrorism. It may be that the risk-reward ratios strongly suggest that potential security upgrades are not worth the costs. On the other hand, the potential for another war with Iraq does increase the risk of terrorism, and contingency planning sometimes pays off big.
*Results are based on telephone interviews with 559 adults who are employed with non-governmental, for-profit companies having five or more employees, aged 18 and older, conducted Aug. 5-8, 2002 and Aug. 19-21, 2002. For results based on the total sample, one can say with 95% confidence that the maximum margin of sampling error is ±5%. For results based on the samples of 140 regional breakouts, the maximum margin of sampling error is ±9%. In addition to sampling error, question wording and practical difficulties in conducting surveys can introduce error or bias into the findings of public opinion polls.
