Cases – Companies & Organisations

Establishment support abroad

Background: A medium-sized Swedish company was in the preparatory phase for quoting on a major contract on the Arabian Peninsula. To be able to submit an informed business proposal, the company required a detailed assessment of the security situation, the key threats as well as an understanding of the security measures needed and the associated budget.

Delivery: The SRS analyst team conducted a review of the situation in close collaboration with local consultants and delivered, based on proven methodology, a thorough decision-support document including detailed recommendations, costs and implementation scenarios that the customer was able to incorporate into its final quote.

SRS service areas: security management, support abroad, risk assessments.

Security assessment prior to establishment in a high-risk area

Background: A major European logistics company was planning to establish a new route through high-risk areas. The planning required a detailed assessment of the security situation and the biggest threats, as well as recommended security solutions for staff and residents.

Delivery: The SRS analyst team conducted a security assessment together with local consultants. Based on the analysis of the staff’s security situation at each destination, combined with detailed recommendations on risk-mitigating measures, the customer was able to make decisions about necessary security investments and to implement an appropriate security structure for the route.

SRS service areas: security management, support abroad, risk assessments

Development of security policies

Background: A medium-sized Swedish company with rapid global sales growth, primarily in developing countries, identified the need for a global security strategy after experiencing a number of incidents.

Delivery: SRS conducted a review of the company’s structure, needs, desired risk level and growth plans. Based on the company’s current situation, future plans and SRS best practices, we developed a global security policy for the parent company, all employees and the global functions. Guidelines were also developed for managing security in medium-risk and high-risk areas.

SRS service areas: security management, support abroad

Crisis support

Background: An international retail company had its assets, including financial holdings, seized by local authorities, and five employees were unlawfully imprisoned in one of the company’s growth markets.

Delivery: SRS was quickly on the scene at the main office for crisis management and evacuation support, and to help with risk assessments and guidance for the global management team. An SRS team was deployed to the office in question to support the company’s local team with action plans and negotiation support. SRS assisted throughout the process and secured the release of the five employees, while also managing the process of closing down the local business operations in a structured way.

SRS service areas: security management, support abroad, crisis management

Personal security

Background: The CEO of an international company with operations in Eastern Europe received several threats from unknown sources and needed to bring in external security support to be able to continue focusing on core operations.

Delivery: SRS performed a threat analysis to clarify the current threat level as well as a review of the security structure in place around the CEO  to be able to propose appropriate security measures. A security plan was drawn up and implemented to improve personal security at the office and at the CEO’s residence.

SRS service areas: security management, personal security, risk assessment (threat analysis)

Implementation of a crisis management function

Background: A medium-sized company with a certain degree of geographical spread identified the need for a well-functioning crisis management organisation prepared to handle unforeseen events in a structured and efficient way.

Delivery: SRS helped the company to both form and train central and local crisis management groups based on a quality-assured 3-step model. SRS also delivered standard templates and checklists and helped the organisation practice its crisis management capability by setting up realistic scenarios. The company also opted for recurrent training provided to the crisis management organisation by SRS in order to ensure skills retention.

SRS service areas: crisis management, learning & development

High risk security training

Background: A growing technology company was planning to expand its operations into new growth markets, which would pose new challenges and increased security risks for the organisation and its employees. In order to ensure a successful expansion, the company decided to prepare and train its employees ahead of their relocation.

Delivery: SRS provided tailored travel security training with a focus on working in a new and difficult environment for the individuals concerned and the entire organisation. The training course increased participants’ comprehension of and capacity related to risk management and was an important contributing factor in the successful, incident-free implementation.

SRS service areas: personal security, learning & development

Cybersecurity training

Background: The management team of a research-intensive company identified a serious knowledge gap and lack of experience in the area of information security. The absence of this capacity exposed the company to the potential loss of critical information, thus exposing the entire company to major financial risks.

Delivery: SRS promptly initiated a knowledge-enhancing programme in which the first step was to develop the management team, with a focus on raising awareness and improving their ability to specify requirements. After that, all key personnel underwent training to quickly increase the organisation’s total knowledge in this area, quickly reducing the company’s risk exposure.

SRS service areas: cybersecurity, learning & development

Establishment support abroad

Background: A Swedish company with international operations planned expansion into Eastern and Central Africa. The company required support determining market potential from a security perspective.

Delivery: SRS’s security experts participated in the local market research and assisted in an immediate evaluation of the proposed growth strategy’s feasibility. Based on SRS’s extensive local experience, the customer was able to get help seizing the business opportunities in these high-risk areas.

SRS service areas: security management, support abroad

Background screening, senior position

Background: A Swedish organisation was in the process of recruiting a Chief Financial Officer (CFO), a role with an extensive budget and HR responsibility, and wanted to make sure of the suitability of the candidate selected.

Delivery: SRS performed a thorough background check including analysis of the candidate’s CV, references and business engagements. The check revealed previous bankruptcies and serious auditor remarks, demonstrating the unsuitability of entrusting the candidate with significant financial responsibility.

SRS service areas: background screening 

Risk assessment for a media profile

Background: A senior spokesperson for a Swedish media company regularly appeared at public events, which sometimes prompted strong reactions, including a number of threats.

Delivery: In order to identify current discussions, trends and specific threats against the spokesperson, SRS initiated open-source security intelligence, with monitoring of both the spokesperson and planned events. Continuous discussions were held with the spokesperson, and when the threat level increased, SRS provided temporary close protection in order to ensure the spokesperson’s security.

SRS service areas: risk assessment, personal security

Security intelligence and crisis management

Background: A major Scandinavian retailer received a number of credible threats made against senior executives for a period of time. In order to minimise the risk to the key personnel involved, the company wanted to establish a system that could identify potential risk situations in advance.

Delivery: SRS provided the methodology, system support and analysts to help set up security intelligence coverage of relevant open sources, including social media, in order to detect potential threats to key personnel, products and the brand. Based on data aggregation and analysis, the company was able to implement cost-effective risk-mitigating measures before potential incidents had developed into a crisis. Together with SRS, the customer also developed its crisis organisation and improved its internal and external crisis communication.

SRS service areas: risk assessment, crisis management

Security for the oil and gas industry

Background: An international oil company needed to bring in external security support in order to be able to operate in the Kurdish part of Iraq.

Delivery: SRS provided critical personnel such as a security, UXO and HSE manager for the customer during seismic acquisition and the drilling phase. The projects were carried out in very challenging environments, with serious problems in both the UXO and HSE areas. The cooperation between local stakeholders and state petroleum authorities required sensitivity and solid leadership qualities.

SRS’s experience and expertise allowed for the successful delivery of both the acquisition and the drilling phase project without major incidents and with negligible delays. At the end of the project, SRS’s contribution was recognised as a key success factor.

SRS service areas: security management, support abroad

Protective security

Background: A large Swedish industrial group concluded that they were subject to the new protective security legislation, and further analysis of how the legislation affected them and which actions needed to be taken.

Delivery: SRS conducted a feasibility study that reviewed the legislation from the group’s perspective, including both direct implication and impact due to protective security agreements. The customer received a report with proposed actions in order of priority and proposals on how to apply the legislation to some specific cases.

SRS service areas: protective security 

Protective security and cybersecurity

Background: A Swedish company in the financial sector needed cybersecurity support, and help to set up a framework for its protective security analysis in connection with the new security protection legislation.

Delivery: SRS conducted a cybersecurity project with company management with the aim of raising the organisation’s security to a “best practice” level. In parallel, targeted training and expert support were carried out so that the company could perform its protective security planning including implementing necessary protective security measures.

SRS service areas: protective security, cybersecurity, learning & development

Cyber Readiness Review

Background: A Swedish IT company wanted to ensure that it maintained a good security level for its information management and IT environment.

Delivery: SRS carried out a risk-based review of the customer’s information and cybersecurity policies, management systems for information and cybersecurity, security awareness, incident planning and validation of technical IT security measures. Based on the proposed action list and the priority of the actions and the company’s threat profile, SRS was able to help the customer increase its level of cybersecurity in a cost-effective manner.

SRS service areas: cybersecurity

Network monitoring

Background: A nationwide grocery retailer wanted to ensure that it had protection in place against cyber attacks.

Delivery: In consultation with the customer, SRS came to the conclusion that they needed a network monitoring system that could rapidly identify known attack behaviour on their network and issue an alert before high value assets were jeopardised.

SRS service areas: cybersecurity

Security audit identified vulnerable access control system

Background: A customer in the financial industry wanted to test the physical IT security at its offices to make sure that it was sufficiently robust.

Delivery: SRS carried out a holistic audit with both cybersecurity experts and physical security experts. The cybersecurity experts discovered that the customer was using a very vulnerable RFID solution for access to its offices. These RFID tags could easily be copied by an untrained attacker. SRS made sure that the RFID system was replaced by a safer one whose RFID tags cannot be copied.

SRS service areas: cybersecurity

Readiness Review

Background: A medium-sized company in the gambling industry wanted to make sure that their current security procedures were adequate.

Delivery: SRS carried out what is referred to as a Readiness Review, a method for identifying custom security solutions based on a risk assessment and priority activities. In the process of reviewing the current situation and the customer’s desired future level, it emerged that three out of five areas were adequate and required only minor improvements, while the security level in two areas was substandard to the point that the company’s risk exposure was undesirably high.

Based on SRS best practices, a recommended action list was developed for the company to rapidly reduce the security gap in these two areas.

SRS service areas: security management

Threat and conflict management training

Background: As part of its employer responsibility, one of Sweden’s biggest transport carriers wished to take a new approach to the security of its staff and customers.

Delivery: Based on the customer organisation’s processes and working models, SRS collaborated closely with the customer to develop a training course in customer psychology for all staff who come into contact with customers. Examples of training content included knowledge of how to anticipate, de-escalate and handle potentially dangerous conflict situations.

SRS took a general subject and adapted it based on the customer’s everyday operations and current strategies. The overall solution was identified as an industry-specific best practice by the EU industry organisation. The training programme is given to all new hires and to all staff as a refresher at regular intervals.

SRS service areas: learning & development 

Medical care programmes

Background: One of Sweden’s largest media groups wanted to ensure that it had a high and relevant level of first aid expertise in place at all offices. Within the framework of expanded security thinking in the media industry, this was seen as a concrete measure for all staff.

Delivery: Working together with the customer, SRS came up with a unique solution where staff were to prepare online in groups by reviewing theoretical and reflective content and then participate in a focused hands-on training session. The online preparations at the specific workplace resulted in a high degree of relevance for each participant, allowing the training session to be shorter and only include practical elements and reflection. As a result, more employees were able to complete the training programme. During the internal evaluation, the programme received the highest marks in the history of the organisation. 

SRS service areas: learning & development

Travel security training

Background: An international company with employees who frequently travel to destinations on every part of the threat spectrum wanted to ensure the everyday safety of its travellers by providing them with a business-adapted travel security training programme.

Delivery: Together with the customer, SRS adapted a workshop based
travel security programme to the organisation’s policy documents and procedures.
At the customer’s request, the programme also included a travel related medical module.

SRS service areas: learning & development

Strategic security partner agreement

Background: A major consulting firm with offices all over the world wished to strengthen its security organisation by appointing a security partner to call on for expertise and additional resources when needed. 

Delivery: For nearly 5 years, SRS has provided this customer with security services in all service areas. When needed, the customer has requested threat profile analyses, security analyses and advisory services such as risk assessments, security instructions, incident investigations, backgrounds screening and crisis management support. Security for key personnel has been assured by the personal security program (PSP) and security coordinators, as well as special surveillance and operational support during major events. SRS has taken on the role of an outsourced security department and has enabled the customer to achieve flexibility, cost efficiency and access to highly-skilled personnel.

SRS service areas: services 

Event security

Background: One of SRS’s customers was tasked with managing the security at a major international event in Europe where the Swedish delegation comprised high-level corporate executives and other dignitaries.

Delivery: SRS was brought in as a subcontractor and was tasked with total responsibility for the security solution for the Swedish part of the event, including the security surrounding the Swedish delegation. SRS was responsible for the planning, setup and implementation of the close protection, which involved close collaboration with local authorities as well as with Swedish and local police and the security police.

SRS service areas: security management

Risk assessments

Background: A Swedish media company was planning a trip to a high-risk area. The trip included visits to a number of different locations where the media company would be interviewing both government representatives and the civilian population.

Delivery: Based on the customers planned activities, SRS assessed threats and security risks associated with the trip, based on data collection and analysis of the current security situation on location. The report included general recommendations when staying in the area and proposals for specific security-enhancing measures. Based on these recommendations, the trip was then carried out without incident.

SRS service areas: risk assessments

Fraud investigation

Background: An international financial institution was exposed to a “man in the middle” (MITM) attack, in which an unknown operator first gained access to the company’s email accounts and then drew up false invoices and payment instructions that were sent out to customers and partners.

Delivery: SRS conducted a fraud investigation that included mapping of email traffic and forensic analysis of email accounts combined with checks in various databases holding leaked domain data, email addresses and passwords. The final report made it possible for the customer to understand the sequence of events, implement risk mitigation measures and avoid claims for damages.

SRS service areas: investigations

Investigation of disloyal conduct

Background: A company in the financial industry suspected an employee of engaging in competing activities in parallel with employment at the company. These competing activities violated the terms of employment and damaged the company’s brand.

Delivery: SRS performed a forensic analysis of data and mobile traffic in order to survey the scope of the competing business activities, and to determine which other internal and external parties were involved. The decision support document produced by SRS served as the basis for termination due to disloyalty to the employer, while also enabling targeted and effective communication in order to protect the company’s brand.

SRS service areas: investigations

Security intelligence as a risk management tool

Background: A major trade association with offices across  Sweden and a large network of stakeholders wanted to gain better insight into public opinion, given that they are affected directly by current social issues and subject to extensive media coverage.

Delivery: SRS established ongoing security intelligence coverage of over 100 open sources for the nearly 300 protection objects identified by the organisation (persons, locations and events). Reporting is provided monthly, with immediate reporting in emergency situations. Security intelligence has made it possible for the organisation to work in a structured and proactive manner with risk measures and scenario-based strategies.

SRS service areas: risk assessments

Investigation of a subcontractor

Background: A municipal housing company decided to take the lead when it comes to sound competition and fair working conditions at its construction projects by not only imposing these requirements on subcontractors but also performing checks.

Delivery: SRS was hired to carry out evaluations of contractors and subcontractor chains in Sweden and abroad to identify rogue operators, thereby helping the customer ensure sound competition on equal terms.

SRS service areas: investigations

Investigation ahead of a partnership

Background: An investment company wanted to rule out potential reputational risks posed by a third party in connection with a company acquisition.

Delivery: SRS firstly conducted a needs analysis to assess the level of verification. SRS then initiated an Integrity Due Diligence of the external operator. After completing the assignment, SRS was able to confirm that there were risks associated with the outside operator. The customer thus had an opportunity to evaluate and mitigate these risks before entering into an agreement.

SRS service areas: investigations

Security intelligence as a risk management tool

Background: A Swedish healthcare company with nationwide operations needed to ensure that their staff met the relevant requirements.

Delivery: SRS has elaborated a company-adapted background screening solution in order to quality-assure all licensed personnel during recruitment by verifying their IDs, checking for potential misconduct cases at the Health and Social Care Inspectorate, verifying CVs, etc. This provided the customer with the basis it needed for fact-based recruitment decisions and the ability to ensure maintained confidence from patients.

SRS service areas: background screening