Knowledge Breeds Resilience: Training for Challenging Locations

Published by Marshal on

Andy Thompson speaks with Richard Pendry, owner of Pendry Risk Management, a consultancy in the field of Risk Management, Organisational Resilience, and Counterterrorism for NGOs, the United Nations, commercial companies, and government organisations.

What is the origin of Pendry Risk Management?

I have been in the security industry since 2005. It was not something I aimed for. Like a lot of guys, I just fell into it. I had a phone call from an ex-military colleague saying that my types of skill were required in Iraq. My wife thought I was having a midlife crisis. She said, “go away, get it out of your system, come back in six months and it will be fine”, but I actually fell for it. Virtually every year, from 2005 to 2015, I was on contract, whether it was in Iraq or Afghanistan.

I was in Iraq for over two years, and I ended up doing six plus years in Afghanistan undertaking various roles, and I had an amazing time. I started Pendry Risk Management in 2015, initially from a consultancy point of view. I went onto the consultancy circuit with the aim of taking all that knowledge and experience and academic qualifications, which I had amassed during that first 10 years, and focused on helping companies and organisations that wanted to work in challenging locations.

What is the ratio of consultancy to training?

Training is the theme that runs through it all, actually. As a consultant, you advise, but your role is also to train people – you have to be able to undertake simulation exercises, for example. Training is a common theme that has run through my career from a very young age as a 20-year-old NCO in the Parachute Regiment. I had to plan lessons and teach young soldiers in the skills and the protocols that the military needed. I thoroughly enjoyed that. It is a common theme that runs through my security career. You are there to pass on knowledge. You are there to make the operators better, because if you do not do that, you do not achieve your objectives.

In 2015 when I started the consultancy, I realised I needed to start turning consultancy in to delivering proper courses. What we do at the moment, because we have had a big challenge like everybody else during COVID, is putting courses on online. That is the way ahead, and that has got its own challenges in itself.

What do you train and who are your core clients?

My core focus is resilience. I define resilience across four strands: Risk Management: things you do to keep you out of trouble; Crisis Management, things that you do when you are in trouble; Business Continuity to carry on as best you can when you are getting out of the problem; and Counterterrorism.

I have got a mixture of not non-government and commercial clients. I like working with the INGOs (International Non-Governmental Organisations) because it gives me the chance to travel. There are also corporate clients that hire me on a regular basis to audit and put in systems and have a look at procedures. It has been a challenge in the last year or so because obviously the opportunity to travel has been difficult. I did manage to get to South Sudan at the end of last year, in November, which was great.

How do you structure and deliver your training?

We have got three types of courses. One is classroom – these have clearly been put to one side until later on this year. Then we got online on demand, which is a recorded course. So, for example, we spent months putting my terrorism awareness course into an online on demand format. It is a film, which covers several hours. We are going to launch the course in March (2021). Thirdly, the same content can be then taught through a webinar basis. We have got six modules, which are broken down into 2 x three-hour modules.

I love standing in front of a group for a day’s training – it is brilliant. I love to have an audience to work with and we can have good interaction. That is largely gone at the moment and, although it will come back, it is not going to come back to the extent that it was. We are now looking at online courses.

With an online course, whether it is a webinar or online / on demand, you have to have engagement because you cannot tell from the participants if they are having a good time or not. You can get them to hold a virtual hand up, but it is very challenging. You have to pack as much information into 45 minutes, an hour, or a half day as humanly possible, and you have to do that in a way that keeps people engaged because many people are on webinars constantly. If you are going to do something, you have to make it as punchy as possible.

Do you operate on an associate basis?

Yes. If I have the idea and I put out the framework that we want to work within, and I do not have the necessary skills myself, then I will pull in experts that I have amassed. I have got quite an extensive network of people that I have worked with or had contact with. For example, I am going to be doing another course, specifically for senior management, on how we can take negotiation skills and interrogation skills into a corporate meeting environment.

What have you seen in terms of the changes in the market and what do you see continuing to develop?

The security industry is a growth sector. There is no doubt. Since the War on Terror started in 2001, and subsequent invasions of various countries, the world has become more dangerous. It is a common belief that we are living a more dangerous world, and so the private security industry has increased exponentially. We know that.

If you are going to be involved in this industry, you have to show both experience and qualifications. Experience is objective in nature: you get it all the time by working, by doing things. It is amassed. However, you need to be able to show that you are taking your professional self seriously. Taking myself as an example, and going back to 2005 to 2007, I was finding it hard to get promotion within the organisation I was in. I undertook my first degree in Security and Risk Management, and I was looked at as somebody who takes things seriously. So many of the guys I know that started off in Iraq and Afghanistan, have gone on to higher education. They have got master’s degrees. If you want to work for the bigger companies, a lot of the oil companies for example, they expect you to have a minimum qualification. For many, that is difficult because they just simply are not into academia. However, there are alternatives – vocational qualifications. Some of the continued professional development courses are fantastic. What is clearly happening is that the top layers of the security industry, the strategic and the tactical, are becoming more qualified. We now need to bring up the operational level within the security industry, and that comes through training and gaining qualifications.

How do you view the convergence and prioritising of Cyber in the Security Risk Management world you have come from?

I get enquiries about cyber continually. I am not a techie but, again, it is unmistakably a growth market. It is the way ahead and it is extremely well paid. When you analyse it, physical intrusions, criminal intrusions, are very few and far between, and they do not happen that often. Most of the stuff that goes on is so easy to do it through somebody’s bedroom, through a computer. That is why you see CISO well employed because it is a skill that these organisations have. However, my view is that these companies are not really good at doing it. They are being told to do it. They have an idea of how to do it. However, they are not good at implementing it. It is hard to get these things through to these various companies.

How do you differentiate yourself in this market?

Through reputation, and word of mouth. I have my LinkedIn profile out there for anybody to look at. I am proud of my LinkedIn profile because it shows credibility. It shows where I am coming from, where I am going to, and what I have done. The organisations that I have worked for – blue chip companies, United Nations, NGOs – I think that, as an individual and the CEO of the company, shows to potential clients and how seriously I take it.

When I come across a competitor, I will check out who the company is. I can do that by various means online. Then I check out the individuals: similar to the study of terrorism and political violence. So many people jumped onto that bandwagon after 9/11 and the academic side of terrorism grew hugely. Yet, it is the people who are doing this and the people who are talking about it and the people are writing about it have never been shot at! They have never left their offices! They talk about it, but it is important to be able to take that experience, wrap it up with academic study and then be able to implement that. I am always looking within the organisations for the credibility of the people who are involved in that company. There are some very thin CVs out there!

What standards do you work to in your training delivery?

I have got involved with the Security Institute, and my company has been taken on as a part of the approved training programme. They were asking me about what I thought about training. I believe training, and qualifications – because you train to get knowledge, you are trying to gain qualifications – people want something now, they do not just want to do a course and come away with an attendance certificate. That is not it is not beneficial from a cost perspective.

That is why I went with the Security Institute, because I think that the CPD, their Continued Professional Development programme, is top notch. If you want to show that you are a security professional and you are taking your career seriously, you are going to have to get into bed with one of the organisations, whether it is ASIS on an international basis, or if you are working in the U.K., then the Security Institute. I am working with the SI now and if you attend my courses and you get CPD points which go to your overall ranking within the Security Institute which, I think, is a brilliant way of showing your commitment to your profession. It is also good for people who do not really want to do the academic process and getting letters after your name.

What’s the value MSc in Security & Risk Management available from a number of institutions?

It all depends on what your objective is. Where do you see yourself? Where are you pitching yourself? Where do you want to be?

Do you want to be part of a large organisation within a security and risk department? Many guys crossed over to Shell and Exxon and all the various oil companies. When you look at CVs, the vast majority do have a higher qualification. If you want to stay within the security industry and you want to climb that ladder, you will have to do, in my opinion, an academic degree at some stage, because you will not be allowed into that corporate environment at high levels.

What are your challenges, now and in the future?

Credibility for me is not a problem because I have been there, and I have the experience.

Credibility for other organisations and people can be problematic inasmuch as do they have the capability of being able to deliver? I am always doing CPD because it is a fascinating subject: behavioural detection, surveillance, all these different things. I love that. That is why I am part of the things, the interesting courses, that I want to develop for use by security professionals.  Do they have the knowledge, the experience to be able to deliver that? Unfortunately, I do not think a lot have. I really do not. They jump on the bandwagon. There are some great companies out there. The big ones that have been amalgamated will subcontract out the work anyway to individuals. You need to be able to market yourself well. How do you get your message out there? It is difficult – a real challenge.

What are the challenges in approach between Oil and Gas, and INGOs, who operate differently?

Commercial organisations normally have an objective that they want to achieve, and you would be able to sit down with management and go through a plan. They want value for money, and they want it done quickly. It means a lot of late nights putting it all together but is a lot clearer cut. A commercial organisation would probably tell you what they need.

INGOs have different objectives, and strategies. Many people do not understand how humanitarian NGO work: the different programmes that they run to help the aid and development of the various regions they are in. You often have to take the NGOs hand and walk them through it.

Would you characterize the difference in approach as fundamentally commercial vs. cultural?

A lot of organisations see security risks management as a hindrance, as an obstacle that stops them achieving their aims and objectives. I found this pronounced within the NGO community because they want to integrate with the local community. They work to a strategy called the “Acceptance Strategy” where they are accepted by the community that they are working so that the community will keep you safe. In high threat environments, that is not always possible. It is not always the best approach.

In Afghanistan, Iraq, Syria, we saw horrific murders of NGO workers, UN workers. With the humanitarian organisations, the NGOs, there is a culture that you need to be able to frame your security objectives within.

How well does someone with a military background fit in the INGO security culture?

I know a number of ex-soldiers that are working for NGOs at the moment, and I have done so for a number of years. It is down to that individual as to how they are able to adapt to new situations and you cannot go about shouting and screaming. You cannot be on a parade square and shouting out orders to NGO workers because they do not understand that. You have to adapt your learning and teaching style, how you deal with people. You have to understand what they want to achieve and how they are going to achieve it. INGOs work in their own environment and they have their own ways of doing things. To the layperson, it is very complex, and it is difficult to comprehend.

A lot of the soldiers that went into private security companies, or the private military companies, experienced a culture they were already familiar with. The NGO environment is completely different. There is a level of diplomacy that you might have to learn and a skill you need to develop. When you are a third-party security provider, you are working with the client, for the client on behalf of your organisation. You are there to advise. You are not there to say no. I know of people, good guys, who have been sacked because they told their client, “no, you cannot do that”. Your job is not to say no, your job is to provide information for them to make informed decisions.

What do you find frustrating about the current training environment?

My view is that, for the vast majority of occasions, taking a classroom-based course and putting it straight online is not going to work and you have to adapt it. Content is not the only king. Engagement is also vital. The course instructor has to engage you and has to keep you interested, for 45 minutes or an hour, or longer f required. Previous instructors like me, as a young NCO, were able to get out in front of a group of people and engage directly. However, times have changed, and people need to adapt their teaching style to the modern environment, webinars, Zoom and so on. It is not as straightforward as just talking for an hour because you lose people straight away.

Describe a scenario where you have had a memorable impact for a client?

Without mentioning a client specifically, they were an implementing partner for UNICEF in Afghanistan, and they wanted me to evaluate their policies and procedures and risk assess what they were doing. They were transporting children from Western Afghanistan, Herat, to get into Iran but were being rounded up by the Iranian police, putting them into holding areas in Herat. The majority of these children came from Kabul and eastern Afghanistan, Jalalabad and places like that. They were moving these children – anything from 8, 9, 10 years old, unaccompanied – from one side of the country to the other side of the country via bus. The bus route took them through some high threat environments. The programme workers – the Afghans – were absolutely petrified that the bus was going to get stopped and they were going to get killed. I worked for about two weeks, reviewed the situation and I presented my findings to the company, recommending that if they continue what they were doing, something will go bad, and quite soon. I recommended a solution which they took to UNICEF and they got a substantial increase in the budget. It meant that they were able to finance the ability to fly the children back and forth. Nobody actually thought about it or put it down on paper before. It was a big success, and we kept those people safe.

Where have you got it wrong or have you misread the situation and what do you learn?

Never say no! As consultants, we are there to inform and give advice. Very early on, I learnt that you do not say no. You are there to give the management the information so that they can make an informed decision. You are not part of the company. I am not part of the company as an advisor. I am there as a consultant. I am not there to dictate. I am there to advise. That is what you need to be able to differentiate between.

What is your advice to those looking for the courses you provide, or training in general?

Let’s look at qualifications. I put qualifications into three brackets. The mandatory qualifications – the ones you have to have, whether it is legally or of the job. Then there are the academic qualifications – some of which might be mandatory, depending on the job description. The vast majority, however, are in the middle: the vocational training. If I am employing somebody, I am looking for those who are taking things seriously and who are working towards and demonstrating an increase in their skills and qualifications on an ongoing basis.

To be able to utilize that as best as people can, my advice is to join an organisation such as the Security Institute – for a nominal sum per year, it is well worth it. I am a member and I get a lot out of it, but I think it is an excellent way of showing that you take your profession seriously.

Are there any other organisations you would recommend?

ASIS is another, it has got chapters all over the world. The Institute of Strategic Risk Management is another, of which I am a member. Decide what you want to do, decide, what your objective is going to be, and then work back from that. What qualification is required? Do I need to join an institute yet? You might not have to, but I think it is always best to do that because it is a great networking opportunity as well. That is what all the work gets done. If you are involved in an organisation, then the chances are that you will extend your network and hopefully get opportunities.

What training organisations stand out for you as impressive?

I still work with one organisation called Other Solutions Consulting. They have weathered the storm; they have put all their courses online and some of the transition that they have done online. This is for NGOs and they are top notch. I like them a lot.

What does the future hold for you?

I would like to give a bit of positivity. We are coming out of this lockdown now, we are all involved in a growth sector, which is great. I just think that to go forward, professionalism is key. It is being out there, is doing a good job, it is getting references. References are important as well, and people do not do that enough. Getting recommendations on LinkedIn for example. If somebody sends me a message on LinkedIn, I will always reply. I get a lot of people asking me for advice on career development, things like that. I will always reply to them. It is important and common courtesy. It is just about being out there, being professional and enjoying what you are doing.

Richard can be contacted at richard@pendryriskmanagement.co.uk or visit https://pendryriskmanagement.co.uk/

Marshal enables companies to resource and organise diverse Safety, Security & Risk Management capability at scale.

Register with the network to stay informed about opportunities and training services that help advance your career.

Categories:

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

Business Development

Agility and Resilience: The New Pillars of Security Marketing

In an era of rapid technological advancement and evolving global threats, the security, risk management, resilience, and defense industry finds itself at a critical juncture. While prevention and detection remain crucial, today’s focus has expanded Read more…

Business Development

Navigating the Impact of ESG in the Security & Defense Services Market

The growing trend of Environmental, Social, and Governance (ESG) investing is becoming a significant concern for industries like defense, where perceptions of ethical issues can deter investment. Marketers in defense, where ESG concerns may cast their Read more…

Business Development

Transforming Defense with AI: Bridging Technology and Responsibility

Artificial intelligence (AI) is revolutionizing the battlefield, with advancements in autonomous systems, data-driven decision-making, and cyber capabilities. Companies developing AI-enabled military technologies face a unique set of challenges in marketing their products effectively. They must Read more…