Author:
ISBN No:
Review date: 17/12/2025
No of pages: 163
Publisher: Self published
Year of publication:
Brief:
After I read only a few words of Dr Peter Speight’s new book, Security Reimagined, I took a breath of satisfaction in and out. I was in the hands of someone who knew what he was talking about, and I was spending my time well.
That’s not only because I have known Peter (before his doctorate) in his days with Reliance and Securitas, and these days going it alone as Speight Associates. At the Security Excellence Awards in London in December 2025 he was highly commended in the consultancy category; at the Security Institute’s 25th anniversary dinner and awards he was given the 2025 Outstanding Contribution to Security Award. I had admired his book Why Security Fails, for one thing because its title was refreshingly candid. Security (like health and safety) is put in place in case the worst happens. Why then, as Peter sets out at the very start of Security Reimagined, did the Manchester Arena suicide terror bomb go off? Stewards and SIA-badged security was in place, the stadium was in the centre of a city, next door to a major (albeit run-down) railway station with police on duty. Likewise Peter quotes a brazen theft from an (unnamed) ‘UK distribution hub’. Something evidently had gone wrong; yet ‘every contractual obligation had been fulfilled’ by a security contractor: “Security officers were on shift, precisely as the rota dictated. CCTV equipment had been upgraded only months earlier. Patrol logs showed perfect adherence to schedule. Incident reports and KPI dashboards painted the picture of a model security operation’. I would add a further example on the theme of crowd safety – the Hillsborough disaster at Sheffield Wednesday’s ground in 1989, when 96 fans were crushed to death, happened in front of CCTV cameras (good quality for the time) and plenty of police and stewards. In fact the security fence did its job all too well of penning fans in. To return to Peter’s book title, while things go wrong with consequences (financial, even injury and loss of life, besides reputational) in the physical world, security also goes on in people’s head – it’s a feeling, whether you are a shopper, tourist or paying visitor, and for those who buy a security service. Speaking to fellow security professionals, Peter points to an ‘industry-wide malaise, the reliance on appearances and checklists over substance’. He lists five ‘fault lines’:
Procurement-driven models – ‘buying security as a commodity guarantees mediocrity’;
Compliance obsession – ‘passing audits substitutes for real preparedness’;
Unprepared people – ‘undertrained, undervalued staff cannot deliver resilience’;
Technology without integration – ‘tools without context become stage props’; and
Siloed functions – separation from enterprise risk ensures blind spots.
Peter adds with characteristic (may I say Yorkshire?!) bluntness: “These fault lines are not mere oversights. They are the structural byproducts of how organisations conceive, fund, and measure security. Until they are addressed, failure will remain inevitable.” Failure, whether the attacker is a terrorist, a disgruntled insider, in retail organised thieves; or against corporates a nimble, motivated protester. The illusion of security is comforting – other internal departments and consumers alike put their trust in Security as the experts who fill in logs, sit in control rooms viewing the latest equipment, tick boxes – until it’s all tested by reality. That repeats itself because, partly, of procurement, done according to (lowest) cost, not quality; number of hours rather than what outcome you want for your security spend (safe patients and staff in a hospital, aircraft not harmed at an airport).
Martyn’s Law
Peter points to Martyn’s Law – legally speaking, the Terrorism (Protection of Premises) Act, also officially known as the Protect Duty – as ‘a profound shift’, taking us past box-ticking to ‘genuine preparedness’. To comply with Martyn’s Law (although the security industry and premises managers are awaiting the details), we can expect that responsible staff have to be trained, not merely ‘present’. Peter sums up: “Those who cling to the old procurement-driven comfort zone will be left behind. Those who embrace outcome-based models, who integrate systems, who invest in people, will define the future.” He delivers a warning too. Martyn’s Law, or indeed any law (to return to my example of Hillsborough, stadiums came under safety law like any other place) will require ‘a cultural reimagining of security’, because such things as investment in people and resilience against disruptions, tested by exercises, are a value, and not something you can put a pound sign on.
Olympic example
The trouble is, and security readers may experience it all too often, that buyers of security are reassured by the ‘pitch’ of bidders. Reality is then, and Peter gives an anonymous retail guarding example, agency workers replacing known faces (which translates into staff feeling less safe – an intangible, until staff are off sick and leave, not something caught by the key performance indicators, KPIs) and cuts to training and superviser visits. Peter gives arguably the largest and most public example – the failure admitted by the 2012 London Games contractor G4S, that it couldn’t find the bodies. Quietly, future procurers such as the Glasgow and Birmingham Commonwealth Games of 2014 and 2022, learned the less and built in resilience, by having multiple contractors. Importantly, as Peter points out, ‘compliance theatre’ (suppliers promising all is well, until it’s not) applies well beyond security, to (to give only one of his examples) the notorious useless and expensive PPE during the covid pandemic. Peter’s audience, then, ought not to be solely security managers but corporate and other leaders (if procurement managers are promoted for delivering savings, what will they do but buy on price alone!?).
Metrics
Peter ranges over psychology (in terms of the insider threat and disinformation) and artificial intelligence (which offers lots, such as reduced alarms for an operations centre, yet where’s the governance if you or anyone can’t explain how the ‘black box’ of AI has come up with its decisions, to flag someone for their ‘suspicious behaviour’?). Peter wrestles with metrics, KPIs. They can allow leaders to avoid awkward truths. Bad ones, as Peter says, can kill. He ranges over the civil unrest in summer 2024 after the Southport murders, cyber-espionage, data breaches, arson attacks, supply chain espionage, and ‘foreign influence’ cases. Someone in the boardroom has to take responsibility, Peter writes; to ‘refuse to settle for illusions’. He closes with a repeat of his theme of ‘stripping away illusions’, not being comforted by the greens of a traffic-light risk matrix, or hours of patrols logged, or framed certificates on the wall. For someone with as many academic qualifications as Peter’s, that’s a brave statement. While Peter has messages for corporate leaders, and makers of policy and law, he calls on security practitioners to ‘resist the seduction of activity metrics’, and instead ‘champion outcome-driven evidence’; frame security in terms of risk.
