9/11 has shifted the way business is conducted globally, regionally and locally.
“Security” meant protecting your business from such things as fires, thefts, employee or visitor accidents, vandalism from the local deviants and in some cases as serious as industrial espionage.
Increasing protection because of 9/11 has most certainly changed the thinking habits of many large and small organizations but not all. Some of the current weaknesses in these companies is the lack of trained personnel or personnel that are interested in being trained or even believing that security is part of their daily responsibilities. Most companies lack the resources of on-staff security experts or at the very least one on retainer. This would help them establish the minimum frame work to build upon for an effective security program.
One way for companies to overcome this hurdle is to have a proper, comprehensive risk assessment of their needs. From there they can build a security program that includes the training of employees on the importance of the security program and how it affects them and how they affect it. Once in place this program can be and should be audited at minimum on an annual basis to ensure that their security program framework is still effective and appropriate for their risks and needs.