Compliance scorecard

Concerns about greenhouse gases and their effect on global warming are getting a lot of attention lately, including discussions at the high-profile Copenhagen climate change summit in December. Here in the United States, so-called "cap-and-trade legislation" faces an uphill battle in Congress; the proposal would allow companies that decrease their greenhouse gas emissions to sell leftover allowances to other companies on the open market. In the meantime, the Environmental Protection Agency (EPA) has already ruled that greenhouse gases threaten public health, a decision that paves the way for additional regulation of smokestack emissions including carbon dioxide.

Any ramping up of environmental legislation or regulation, including possible actions by Congress or the EPA, could lead to increased "radicalization" of environmental activist groups, suggests Lynn Mattice, chairman of the Board of Advisors of the Security Executive Council. "They will take this as validation of what they have been saying all along, and then take their activism and rhetoric to the next level," he says. Security professionals should therefore be prepared for possible physical and cyber attacks from these groups, Mattice says. In addition to high-profile demonstrations and physical assaults, these groups might be expected to "employ systematic network attacks on companies deemed to be contributors to global warming," he adds.

Companies should also consider the possible impact on other organizations in their supply chain that could be targeted. Mattice urges a robust evaluation of possible effects of increasing environmental concerns on the supply chain and of the residual impact on corporate operations, including possible ramifications of "guilt by association, as we have seen manifested by animal rights extremist groups."

Government institutions - including the Pentagon - are already looking ahead to the possible threats. This year, for the first time, Pentagon planners will include climate change among the security threats identified in the Quadrennial Defense Review, a report to Congress every four years on Pentagon priorities. Also, in October, the CIA established the new Center for the Study of Climate Change.

The Pentagon and CIA are oriented to consider worst-case scenarios and to establish plans for a variety of contingencies. Among the concerns is the melting of the massive Himalayan ice mass that could cause flooding and loss of life in areas of Bangladesh. In general, climate change could affect water supplies, crops and various countries' abilities to supply adequate food. It could also have an impact on the design of ships and aircraft. The National Intelligence Council is trying to develop early warning signs to suggest what areas of the world might be destabilized as a result of climate change.

Corporate America may tend to think the effects of global warning are far in the future. "A lot of it is hypothetical, but who knows for sure?" Mattice says. "There are highly respected scientists in both camps on this issue. You have to start thinking about the impact of these things." He urges companies to keep the possible threats in perspective, considering the limited time and resources available to deal with risks and the need to focus on what is foreseeable. Practically speaking, the only likely current consideration for a company might be where to locate a new facility: It might be a good idea to consider carefully whether to establish a new location on a coastline or in a projected high-risk area.

"In any case, security needs to be on the forefront of identifying and mitigating the risk. They need to be looking over the horizon at issues the company may be facing and developing methodology to deal with them," Mattice says.

As institutions oriented toward forward-looking, "what-if" scenarios, the U.S. military and government in general could be a good source of information and research about the possible future effects of global warming. Security professionals should consider seeking out the broad range of available dissertations and other publications to help educate themselves on the issue.

Mattice concedes that looking far into the future is not a common practice in corporate America: "Most companies don't have strategic plans beyond three to five years, and unfortunately many have gone to quarterly planning to appease Wall Street pundits," he says.

"The most important thing to do is to start a dialog with the heads of each business unit to discuss any possible future effects [of greenhouse gas regulation and global warming]," Mattice says. "Have the discussion not as a fear factor but to view the reality of what we may be dealing with; maybe it would only involve our association with a supplier. Engage with them and show them you are a partner related to emerging risks and how to deal with them."

The Security Executive Council is a problem-solving research and services organization that involves a wide range of risk mitigation leaders. Its community includes forward-thinking practitioners, agencies, universities, NGOs, innovative solution providers, media companies and industry groups. Backed by a Faculty of more than 100 successful current and former security executives, the Council creates groundbreaking Collective Knowledge(tm) research, which is used as an essential foundation for its deliverables. For more information about the Council, visit