Esri European Geo Risk Seminar


The world can be a dangerous place.

Violent extremism and organised crime are on the increase in the UK and, financial austerity has restricted the ability of our police forces to respond.

Internationally, populism has eroded political stability resulting in the apparent growth of terrorism, militancy, violent crime and civil protest. 

When something happens within your organisation, to your people, you must surely ask, could we have prevented this? 

So, imagine, you’ve sent an employee to meet a client in Nigeria. They take an airport taxi on a 2 ½ hr journey, from Abuja Airport to Kaduna in the north. En route, the taxi is attacked, and your employee kidnapped. 48 hrs later you receive a call from their family to say they have received a ransom demand.

Meanwhile, in the UK, two consultants have pulled a weekend all-nighter to support an urgent project. They leave the office together but are soon confronted by a bunch of youths. In the altercation that follows both are stabbed. 48 hrs later they are still in critical care in the hospital.

Both of these horrific incidents are based on actual events. Those involved were under the duty of care of their employer at the time. 

So, was there anything we could have done to have prevented them?

In the last year, we’ve have spoken with over 80 corporate security professionals who all describe facing the same challenges.  

Undermanned security departments who wade through available incident data, logging relevant events on Excel spreadsheets as and when time allows.  They then use their ad-hoc analysis to inform long-winded and misunderstood text-based security risk reports.

Business leaders have neither has the time or the inclination to read these reports. They also struggle to understand why the business is spending so much money on security. 

So, what might have happened had we used technology to enhance the capability of the company’s existing resources?

Let’s go back to Nigeria

The taxi took the most direct route down the A2 driving the employee from Abuja international airport to the client’s location in Kaduna. If the company had been able to visualise and assess the same data, they would have very clearly seen a number of incidents of vehicle hijack and kidnap on the A2.

When we chart the data, we can see an increase in the monthly number of reports of violence against civilians along this route. 

This data was not only known to the company, it was reported every week by the internal analysis team. But, the text-based weekly reports had not been read in sufficient detail to establish that a pattern had formed - a pattern that led to the violent kidnap of their employee. 

Fortunately, the employee was released, presumably after payment was made. However, the family took legal action, the company settled out of court and the employee still suffers the nightmares.


What could have been done to prevent these terrible incidents?

In Nigeria, if the security team had analysed the data more effectively, the risk to their employee would have become immediately apparent. They would have seen that the A3 was a better route choice - it was not the focus of violent attack. For the employee to be safe all that was needed was pre-arranged transport from a trusted provider to drive them to Kaduna on the A3.

In the UK, here’s the heat map detailing one year of violent crime and anti-social behaviour from an open-source API feed provided by We can see two hot spots of violent activity. Both are very close to a nightclub – which had a reputation for violent incidents and was subsequently closed down - near the entrance to the offices (left). The attack on the two consultants took place on the quickest walking route from the office to the train station (right).

So, could this terrible incident have been prevented? 

Again, if the security team had been able to visualise the open-source data available to them, the risk of violent attack to employees travelling after office hours would have been obvious.

The business could have simply made its employees aware of the risk. Combine that with a policy requiring a taxi to be used during higher-risk times of the day and week and the situation could have been avoided.

Interestingly, after the event, the company decided they should change the location of their office. So, we took a broader view of crime data across the city. When we did, we realised that the intended new location was in the centre of another hotspot for violent crime.

Potentially out of the frying pan, into the fire!

How can we encourage business to adopt this data-driven methodology?

Security departments are generally undermanned and operating on very restrictive budgets. By giving organisations the means to efficiently and rigorously analyse the data available, they can properly identify security risk. That applies to physical assets, IT, information and, most importantly, their people. 

That understanding could also influence both commercial property and general liability insurance premiums. PoolRe, Britain’s leading terrorism re-insurer offers a Loss Mitigation Credit (LMC) – it reduces the cost of insurance premiums for those who implement proven and effective risk mitigation measures.

Surely, we can extend this approach to incorporate safety and security in its broadest sense?

A small saving on insurance premiums could fund the simple training and technology needed to reduce the financial exposure of both insurers and insured. In doing so security departments can raise awareness of the risks to the business and, most importantly, protect our most critical assets - our people and their families.

Paul Mercer
Managing Director




HawkSight SRM becomes ASIS International Preferred CPE Provider

HawkSight SRM’s Security Risk Assessment Methodology eLearning has been recognised by ASIS as part of its Continuing Professional Education (CPE) programme. Successful completion of the eLearning certificate carries 5 CPE points from ASIS.