include guaranteed forensic support during incidents, and whether your incident communications can bypass compromised systems. Dependencies reveal where to put the first attention, and the first exercise. They also reveal unlikely allies: the utilities operator who can provide surge power during a protest weekend, the fintech firm whose anomaly detection could flag fraud patterns that precede crime spikes, the university lab that can help validate open source narratives before they metastasise online.
It is also worth
acknowledging that not all pressure is adversarial. Infrastructure, environment
shock threatens public services, private logistics firms can often see the disruption forming days before it becomes visible in the retail environment. The hard part is not recognising the need for collaboration, but engineering it into daily workflows, agreeing thresholds for disclosure, aligning classifications to enable timely use, and building legal and governance frameworks that make partnership the default rather than the exception.
Technology, inevitably, sits at the heart of both opportunity and vulnerability. Artificial intelligence, automation, and advanced analytics can dramatically improve detection and response, but they can also create failure modes that are unfamiliar and harder to diagnose. The lesson for security leaders is twofold. First, insist on resilience as a design priority. Redundancy, contingencies, and manual fallbacks are not extras, they are core requirements for systems that must operate under stress. Second, treat governance as part of security. The way data is used, the transparency of algorithms, and the oversight of automated decision making all contribute to client, employee, or public acceptance and, therefore, to the freedom you have to deploy capability at scale.
What’s the start point, and what should we prioritise. The answer is unglamorous but reliable. Start with the map of dependencies, not the catalogue of threats. The same threat, for example, a hostile cyber campaign, will land differently depending on whether clients depend on a single facilities management vendor, whether the backup power is genuinely segregated, whether your cloud contracts
and non-threat related-shocks will test the same emergency response capacity that a security crisis would, and sometimes at the same time. The practical implication is to avoid designing single purpose resilience. Plans that only work for one scenario rarely survive first contact with the next. Instead, build modularity into response, communications channels that can scale, mutual aid agreements that can flex, training that emphasises decision making under uncertainty rather than rote compliance with a checklist. Leaders who practise ambiguity in exercises are less likely to freeze when it arrives in reality.
None of this absolves national institutions of their responsibilities. But waiting for national policy to settle before adjusting best practice is an unaffordable luxury. The pace of change requires local initiative. If you run a control room, stability starts with your data hygiene and access controls. If you oversee multiple sites, resilience starts with knowing which suppliers sit within your supply chain and how quickly you can replace them. If you are a chief security officer in the private sector, influence starts with ensuring the board understands that security is not a cost centre chasing yesterday’s risks but a strategic function enabling continuity, reputation, and growth.
© CITY SECURITY MAGAZINE – SPRING 2026
There is a final, more human point. The professionals who deliver security – operators, analysts, engineers, responders, guards – are being asked to hold more complexity than at any time in recent memory. They are being asked to detect faint signals without seeing ghosts, to move quickly without trampling rights,
www.citysecuritymagazine.com
to be candid about uncertainty while still projecting control. Supporting them is part of the strategic task. That means investing in training that builds judgement as well as technical skill, creating rotation models that reduce fatigue, and giving teams the psychological safety to raise concerns about capability, governance, or ethics before those concerns turn into incidents. What, then, does effective delivery look like in a world where geopolitics has become a daily operational variable? It looks like translating upstream dynamics into downstream readiness. It looks like security teams that can speak the language of procurement, technology, legal risk, and public communications, because that is where geopolitics shows up long before it appears on a threat board. It looks like exercises that combine cyber scenarios with misinformation surges and supply chain disruptions, because that is how crises arrive. It looks like leaders who treat partnerships as infrastructure, not as public relations accessories.
Ultimately, delivering security in this era is less about being omniscient and more about being adaptive. We cannot predict every shock. We can, however, shape how shocks propagate by tightening the links that matter and loosening those that concentrate risk. We can build public trust that buys time and space when decisions are hard. And we can cultivate a culture that treats geopolitics not as an abstraction for policy journals but as a practical variable in rostering, contracting, architecture, and response.
Geopolitics may be the topic, but the endpoint is very local. It is a hospital that stays open because energy contracts were diversified a year ago. It is the financial district that keeps trading because a transport failure stayed contained to one corridor. It is the protest that remained lawful and peaceful because engagement began early and the narrative space was managed as carefully as the physical space. This is what success looks like when strategy and operations finally meet, the city continues to function, the public remains confident, and the security profession retains the one commodity that matters most in a world of persistent change – credibility.
Charles Anderson
Global Lead: Operational Risk, Intelligence, & Sustainability Pilgrims Risk Management Group
www.pilgrims-rmg.com >
6
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36
