Security Management 1. Some operational contingencies are considered core because the operation could not function without it. A core operational contingency is one that must remain functioning. This is important for contingency planning, so that when you plan for the more common risks that the operation faces, you ensure that the core ones are taken care of, and will continue to run. If you run an e-commerce site, for example, you would consider the ability to keep your website running and continue taking orders as a core contingency. Everything else can suffer from some downtime if necessary, but keeping the revenue coming in is a core competency.

The non-core competencies are the ones that can be disrupted without entirely disrupting the business. This does not mean that the operation can continue indefinitely without these competencies, just that they can be interrupted without completely interrupting the operation. A classic example is human resources. A company cannot run without a human resources department, but if that department was offline for a day or two, the business would not be in a state of strife. It would still be able to continue operating, just maybe with a few issues here and there. Finance is another similar type of function, or marketing, or sales. Risk management could be offline for a day or two as well, in all honestly – you wouldn't want to run an organization without it but the business would survive for a day or two in all likelihood.

2. The Rand Report has been so influential on security practices, because it has been a thought leader...

Rand's work is high profile, and it calls attention to security issues. The reports have been able to identify emerging security issues, and start to lay out best practices for addressing them. In the security field, having a publication that highlights these issues in a way that makes decision-makers understand them creates a call to action. The security field benefits from both the advocacy and thought leadership. Security and risk management is a field that many people do not think about until they are faced with a crisis. The Rand Report instilled in people at leadership levels across society the need for proactive approaches to security management, and in that way is really shifted the public consciousness with respect to what good security practice should look like.
I would say that referring to security practices are private police is pejorative. Private police is polite semantics for mall cop, quite honestly, if you want to take it that way. Basically, public police forces have a certain legitimacy within society, and therefore the word police when used in another way has a pejorative connotation to it. Furthermore, security services encompasses so much more than simply patrolling and responding, so to focus on that one singular element is an inaccurate portrayal of what a private security company often does.

3. The events of 9/11 have reshaped private security in a couple of ways. First, there is more attention paid to proactivity. Where before 9/11 someone on security patrol might take a very passive approach and only look for vandals or thieves, now…