The Risk Advisory Group: At the heart of a growing industry




By Mark Huband

Financial Times, 24 June 2005

Helping businesses help themselves is no longer the benevolent act it may have seemed in the aftermath of the September 11, 2001 terrorist attacks.

A sense of common purpose prevailed as private sector advisers, government agencies and companies themselves sought to address the threat to business operations in the months after the attacks in the US.

But in the more than three years that have since passed the roles and outlooks of all forces in the provision of security have changed.

These changes have three salient features. First, the security industry has become more professional and less dependent upon being able to convince companies that former army officers who join private consultancies can automatically produce security blueprints and business continuity plans.

Second, private sector companies have become more adept at assessing their own vulnerabilities and are now better able to pick and choose the services they are buying in from private security companies.

Third, the distinction between the lengths to which companies themselves assess they can go to to protect themselves, and what they can expect governments to do on their behalf, has become clearer. As a consequence, companies and their private security advisers – both external and in-house – have become more realistic about the measures they can effectively take to protect their operations.

For the private security industry itself, these changes have led to a rapid process of growing up. Some analysts assess the value of the global homeland security market to be $70bn. While much of this is accounted for by hardware – with established defence companies aggressively seeking to expand their market share in airport security for example – a great deal of the long term value of the industry is in the advice and consultancy sectors.

“We have always seen there will be opportunities to come together with other providers”

Competition between the private security companies has become intense, though the industry has yet to begin the process of consolidation as a part of the likely process of expansion. Instead, companies are caught between knowing their strengths and knowing they have to branch out in order to turn their specialist skills into a permanent feature of the service sector.

Seeking to expand its range while preventing overstretch, has dominated the strategy of The Risk Advisory Group (TRAG), the London based security and business intelligence consultancy.

Assessing the projected growth of the consultancy market is proving extremely difficult, though the company now earns just over half its income from the provision of security – much of it in Iraq – and the rest from business intelligence and advisory services.

“The biggest factor altering the proportions would be if there was a major international incident that affected things on the security side” says Richard Prior, deputy chief executive.

“But these proportions will be fairly stable for the next few years. To some extent we are tossed around by events. But the intelligence and investigations side of our business is one that has shown a much more stable level of growth and development,” he says.

But from the perspective of the security companies, the peaks and troughs of the market are also increasingly determined by changing perceptions among the companies buying their services.

“There’s a more sophisticated consumer out there now than three years ago,” says David Claridge, managing director of Janusian Security Risk Management, TRAG’s security arm.

“On the security side there certainly was an air of urgency. Whereas now one can detect that clients are taking a more considered approach. They are perhaps more discerning in their choice of providers. Meanwhile, there has been a huge burst of companies coming on to the market. It’s more competitive. For companies providing high quality services the same competitors remain and the market remains rather small,” Mr Claridge says.

Companies are increasingly assessing the range of threats to business continuity against the background of their growing ability to prevent threats becoming reality, particularly in the areas of cyber security and reputational risk. But while a similar process in the public’s attitude towards the terrorist threat has to some extent encouraged complacency owing to the absence of attacks, businesses have gone the other way, TRAG says.

“Among City institutions there has been very little diminution of the attention to security matters. Business continuity is the lifeblood for them,” says Mr Prior. He says TRAG is regularly looking at ways to grow and had numerous takeover approaches, mainly from North America. “We have always seen that there will be some opportunities to come together with other providers that are strong in other areas. How that coming together progresses, we haven’t reached any conclusions. We don’t feel the need for growth in order to sustain ourselves,” he says. “We are constantly trying to move ourselves up the food chain, notably on the business intelligence side. So our relationships [with companies] tend to move higher up, to board level.”


© The Financial Times Ltd 2008.