Corporate security and the climate crisis

How to adapt security and risk management policies - including IT security - to deal with climate change.

We discussed going green to battle energy costs as a way to kick open the doors of perception in the executive suite and the board room.

IT consumes two percent of the energy produced on the planet. Currently, IT-related energy use is doubling every five years. If this doubling continues, then IT energy use will increase sixteen times over the next twenty years, and consume just over ten percent of the total energy output of the planet by 2030.

We talked about putting this projection in a personal context for executives, i.e., spending billions on energy over the next five years. The numbers are potentially unbelievable when the future is mapped out. If a client spending at a rate of US$2.6M per year on energy, doubled energy use every five years, then they will be spending US$41.6M a year of energy in 20 years at today's prices; and at a 10 percent inflation rate for energy per year the US$41.6M becomes about US$278M.

"Can you imagine a bill of $2.6M per year escalating to $278M per year by 2030?" Sams remarked. "It is unaffordable; something else will have to change."

We also talked about the significant impact of switching to water for cooling on server racks. Water requires a lot less energy. "Data Centers typically use air conditioned cool air to flow through technology to cool it down," Sams explained. "Water is much more efficient for technologies that generate more than 30,000 watts of heat per rack."

We talked about how to reach different C-level executives in different ways: e.g., with the CIO, Sams suggested emphasizing IT flexibility, i.e., being able to have current data centers support new low-cost and highly scalable technologies like blade servers; with the CFO, Sams suggested emphasizing the cutting of costs both for the growing energy bill (typically 40-50 percent savings) and capital cost of building a new Data Center if they run out of power and cooling capacity; with the CEO, Sams suggested emphasizing the image of the environmentally supportive company, e.g., $1 million dollars in energy savings a year is equivalent to one thousand cars off the road or 2.7 million pounds of coal not burned in a coal-fired energy generation plant.

Elements of a Corporate Climate Crisis Security Strategy

Here is a seven-point corporate Climate Crisis strategy for CSOs and CISOs to promote within their organizations.

1. Intelligence: Monitor the business risks on the global, national and regional scales as well as in your industry sector. Organizations should be closely tracking climate change in their region, and in the regions that they rely on for resources and our markets, and on a planetary level, and regularly re-evaluating the impact and implications on business operations, personnel safety, etc. Organizations should be pondering how climate change in their regions and at a planetary level impacts other types of risks and threats, and how they attempt to mitigate and cope, e.g., collapse of governments, displacement of populations, organized crime, violent conflict, pandemic and other health issues, travel security issues, natural disasters, etc.

Phelps agrees. "Operative word is should. Globally most international companies will look at traditional risks such as physical security, natural disasters (e.g., flooding, cyclones, tsunami, etc.) or counterfeiting, brand infringement and sabotage. Since Climate Change will likely cause increases in natural disasters, human disasters (famine, migration, border tensions, diseases, etc.) and national security issues (just to name a few), it should be on the recognized list of "known risks" for all companies to plan for."

But does she see it getting done anywhere?

"No. There is more discussion about it outside the US, but here in the US I know of no global company adding climate change to their risk assessments."

Tags corporate issues

Show Comments