^aPresident of the SRSI (Security and Risk Studies Institute) Avenida Diagonal 482,5 08008, Barcelona, Spain. E-mail:gm@srsi.org

The 20th Anniversary issue of the Security Journal is, in this author's view, an opportunity for a friendly, free and creative discussion upon the present state of security, and speculating on its desirable evolution. Hence the rather personal discourse, which I hope editors and readers will find acceptable, on what has been achieved, and what is still do be done.

The Security Journal started publishing 20 years ago, in a very favourable environment for both the cultural and entrepreneurial security activities. Governments, scholars, professionals and individuals were all agreeing on the need for a fundamental re-thinking of security. The existing security body of knowledge, methodology and functions could not easily explain, detect, deter, or neutralize the new forms of threat born from the cold war's sunset and grown up in the breeding culture of great social, political and economical dissatisfaction. Among them, terrorism, civil unrest, organized crime, illegal immigration, "smart" financial practice, corruption, industrial sabotage and espionage, unfair competition, white collar crimes, workplace violence, smuggling, counterfeiting, racket, pilferage, and vandalism.

Since the 1970s, a massive process of general information through books, specialized magazines and articles and TV coverage had already started to inculcate the "security culture" in the public. However, information was mainly anecdotal, and frequently ill structured. Academics were still greenish in private security matters, and the Security Journal and the Journal of Security Administration offered them the possibility for focussing research on such issues.

Scholarly attention made professionals conscious of their potential, thus opening a growth crisis: those who were aware of the importance of their role, and had the proper education and preparation, were unhappy of their status, and felt the moment had come for a substantial change. However, governments were still jealous of their prerogatives and suspicious of the growing importance of the private security profession, and organizations were not ready for such a change. Unhappy practitioners were in deep seas, with an impelling need for moving, but nowhere to go. They needed to fix the position, to raise the major issues, and to decide upon the goal, and the course to be taken. That was the moment for the academic journals to lead the way.

Indeed, their research highlighted a number of weaknesses in the profession, namely, the need for a level of reference: that which defines the status of professional such as "architects, lawyers, and doctors"; three key points: "paid occupation", "advanced education", "advanced training"; and a preferred (optimal) condition: acceptance into a "recognised association". Researchers found all of them wanting, and well below the standard of any recognized profession. The conclusion was: in order to be considered (and paid) as full-badged professionals, security practitioners need a theoretical framework, and a strategy for raising the profession's standard.

Discussion followed on current status, threats and needs, and the way ahead. It was felt necessary to stimulate the government, the universities and the private industry about the need for re-considering and a reorganizing security concepts, actors, relationships, and operations. Public–private partnership was considered essential in the post-modern security arena, where the sources of threat are professional, multidimensional, trans-national, transversally spread over all aspects of life, and mainly aimed at soft civilian targets. Horrible events had proved that public security and intelligence organizations cannot operate efficiently without the contribution of the private world, and that private organizations are quasi-defenceless without the assistance of public organizations. As this and other security journals pointed out, institutions, academe, professional organizations, and best professionals must work together in order to facilitate the creation of valid interfaces between the public and the private world. This situation and need have been exacerbated after September 11, 2001, and still hold true.

The first step for achieving a credible public–private partnership was to enhance the level of the profession, with a three-tier approach: increase contacts with academe and creation of specific courses, interact with the industry through the creation of profiles and standards, and create a system for the accreditation of top professionals.

Through the efforts of many, all of these conditions have now been achieved. No doubt, there is still much to do, but the goal is firmly established, and the path is clearly traced within a systemic approach to the problem. A number of academics, closely working with government, journals and professional organizations have given an invaluable contribution to the effort. Laws, standards and regulations have since appeared, applied and improved. The number of universities offering courses in security is improved, so has the scope and quality of their courses. A number of academic journals are active, and publishing an impressive amount of research. Well-respected professional associations, such as, for example, ASIS and the Security Institute offer employers the "objective validation of an individual's experience, qualifications and expertise". The top-level professional are now accepted in the boardroom, an achievement that was unthinkable of 20 years ago.

Indeed, we have many reasons to rejoice in this 20th anniversary of "our" Security Journal. We have certainly improved our grasp of the fundamental concepts and dynamics pertinent to a true security context. The robustness of analysis and assessment techniques of such context is greatly enhanced by the widespread recourse to sophisticated Operational Research techniques. Governments and businesses now attach greater value and importance to a properly managed security function. In fact, Western Governments have allowed private security organizations a so far unthinkable freedom of action, and the public–private partnership concept has never been so encouraged and indeed promoted. Security practitioners are objectively validated by well-respected organizations and assisted by innumerable and detailed standards and procedures. Advances in technology allow for a quasi-complete possibility of control (whatever it is in its different features and interpretations), surveillance, and physical protection.

There is bad news, too. Thousands of articles, pervasive research and the impressive public and private commitment (millions of people and billions of dollars) have scarcely improved our condition of security, and we should ask ourselves why.

One reason I offer is autism. In fact, the security culture and practice tends to look inward rather than forward. Most practitioners remain prone to an "us and them" vision, tend to be subject to a Fortress syndrome, and prefer relying on technology rather than people. This vision has encouraged the logic of the gun and the shield, and has only too often raised the level of confrontation. Moreover, it seems to have opened new vulnerabilities and provided new possibilities to the attacker. By focussing on building impenetrable castles and maintaining them in a deemed hostile environment, many security system engineers have allowed the "enemy" free and unchallenged movement throughout the country.

However, and luckily, not all the world is Comanche Territory or Iraq and security is much more than timid physical separation from the bad guys out there. There is a need in Western civilized countries, to which most of us belong, for a nonthreatening, custom oriented, but highly effective physical protection. Within a humanistic vision of security (the only one worth living, in my view), physical protective measures should act more as an osmotic membrane than an impenetrable barrier. More attention should be dedicated to the interaction of the protected organization with the surrounding environment and population. In this sense, we need to win security system engineers hearts and minds, and the sooner, the better.

One more reason is inconsistence between means and ends. The above vision, attitude and practice can hardly create a climate of security, in its philosophical and aetiological senses. Such interpretations of security raise, amongst other, issues of fear, self-interest, utility, power, authority, knowledge, capability, civil rights, evolution, and ethics. In truth, those who write, decide, and operate in security can hardly avoid addressing the questions: What is security, and what is it for? Is security just an illusion, a vision, or an attainable condition of life? Is it really for the common good? What is its contribution, if any, to our quality of life? Does security need to have a sense of social responsibility? Do we need to secure our "security"?

New and unbiased research should start from making tabula rasa of old axioms and prejudice. Questions to be asked are: is security necessarily premised on force, separation, restriction and violence, or the threat of it? Can security be unleashed by the restraints of power and military superiority, and accommodate different levels of authority? Can security take into account differences, not only in terms of fear, but also in terms of cooperation, care and benevolence? Can security accept the idea that certainty is a natural impossibility, and make sense of the innumerable sources of insecurity? Can security be freed from its historical, ideological, political, and social biases? What are the psychological implications leading to, and checking on, a desired state of security?

In my view, these essential questions should inform research on the following areas (in order of priority):

1. Scope of security/knowledge basis;
2. Positive security communication and perception;
3. Measuring and understanding security risks;
4. Safe communities/quality-of-life;
5. Organisations, people, and their security department: needs, demands, support, responses and feedback.

To make my suggestion clear, let us consider, for example, heading (1): scope of security/knowledge basis. No doubt, the complexity of the subject, the confusion of concepts, biases and prejudices and, particularly, difference of approaches and interests merit further scholarly attention, for example:

• The dimensions of security (e.g., time, space, legal, social, political, economical, psychological, public, private, personal, mass media, etc.)
• the difficulty of identifying a reason for security, with its motivation varying from survival and pretext to peace of mind;
• the differences in perceiving a threat, an hazard and a risk;
• the cognitive assessment against different frames of reference derived by different approaches;
• the influence of different situations and visions upon the same problem;
• the strong legal, political, social and economic implications of every security decision;
• the difficulty in measuring utility, effectiveness and performance of the security function;
• the influence of managerial criteria in security decision-making;
• the multiplicity of actors and approaches (not all security-driven) within the same decision-making process;
• the problems in balancing different decision makers, criteria and constraints;
• the possibility that in emergency conditions a security process (perception, cognition, decision, and action) must be accomplished in very short periods of time and under exceptional pressure.

Scholarly research could, and indeed should, contribute to clarify these specific areas, and add decisively to the knowledge of security. Journals such as this should encourage criticism, debate and lateral thinking, opening new frontiers for speculation, research, debate, and experimentation.

To conclude, the Security Journal has now reached the adult age. Having reached this fundamental achievement, both editors and contributors could be tempted to rest on their laurels, and to let the journal get old, predictable and boring. They might lose enthusiasm, and refer to their "old good days" rather than to their future. What has been achieved can easily be lost.

Long may the Security Journal live young and creative, and persist to fulfil its cultural mission in the true academic spirit of insatiable curiosity, unbiased criticism, free thought and expression. May the Journal contribute to a better, more secure, and happier world!