Expert Witness Spencer Coursen Expert Witness Spencer Coursen

Why “We Can’t Afford Security” Is the Most Expensive Lie in Business

Catastrophic failures rarely start with chaos; they start when leadership quietly cuts security to “save costs.” This article explains how treating safety like a budget line item creates foreseeable risk, legal liability, and preventable harm, and outlines practical steps leaders can take to strengthen security, risk management, and duty of care before it is too late.

Every catastrophic failure begins long before headlines, lawsuits, or public outrage.
It starts in a quiet conference room where someone looks at a spreadsheet and decides that safety is “too expensive.”

In my work as an expert witness, I am brought in after something has already gone terribly wrong—after people are hurt, after organizations are facing lawsuits, and after leadership is wondering how it all went so far off the rails.

What I see, over and over again, is that security is almost always the last line item on the budget. It is treated as a negotiable expense instead of a non‑negotiable responsibility. That decision is where failure really starts.

When Safety Becomes a Cost Instead of a Duty

Catastrophic failure doesn’t begin with chaos. It begins with a quiet decision to treat safety as an expense instead of a responsibility.

On paper, it sounds reasonable:

  • “We’re tightening the budget this quarter.”

  • “We haven’t had an incident in years—do we really need this level of security?”

  • “We’ll revisit this next fiscal year.”

Nothing about those statements feels reckless in the moment. In fact, they often sound prudent, even responsible. But the problem is this: when prevention is reduced to a budget line item, risk does not disappear. It accumulates.

You’re not eliminating risk; you’re deferring it.
You’re not saving money; you’re shifting the cost to a later date—when it will be far more expensive, far more public, and far more painful.

Security Doesn’t Fail All at Once

We like to imagine security failures as dramatic, sudden events—an attack, a breach, a crisis that erupts out of nowhere.

In reality, security rarely fails in a single moment. It erodes gradually through a series of compromises that each feel rational at the time.

  • A position goes unfilled “for just a few months.”

  • Training is postponed because “everyone’s too busy right now.”

  • A system upgrade is delayed because “it’s not in this year’s budget.”

  • A policy is relaxed because “we trust our people and don’t want to overreact.”

None of those decisions, taken alone, feel like negligence. They feel like trade‑offs.
But risk doesn’t care how rational your justification sounded in the meeting.

Each small compromise widens the gap between what should be happening and what actually is. Over time, that gap becomes the space where bad things happen.

The Hidden Cost of Cutting Safety

Organizations do not save money by cutting safety.
They defer accountability.

Eventually, the unpaid bill shows up in one of three forms:

  • Lives

  • Lawsuits

  • Or both

When something goes wrong—an assault on a property, a preventable shooting, a major workplace incident—the question is never just “What happened?”

It quickly becomes:

  • “What did leadership know?”

  • “What should they have done?”

  • “What reasonable steps did they choose not to take?”

And this is where the earlier “cost savings” decisions come back with interest.

The legal system, the media, and the public will all ask:
Was this risk foreseeable?
Were reasonable measures available?
Did the organization choose not to implement them to save money, time, or inconvenience?

When the answer is yes, that cost is no longer a line item. It’s a verdict.

Foreseeable Risk vs. “We Didn’t Know”

One of the most common defenses I hear is, “We had no idea something like this could happen.”

But in many cases, that simply isn’t true.

  • There were prior incidents on or near the property.

  • There were internal reports, complaints, or observations about unsafe conditions.

  • There were known vulnerabilities that had been discussed but not addressed.

In threat management and security, foreseeability is a key concept.
If a reasonable person in your position could anticipate the risk, then you are expected to act on it.

Choosing not to invest in appropriate security measures doesn’t erase the risk.
It documents your decision not to address it.

How Risk Accumulates Inside Organizations

Think of risk like water behind a dam.

No single crack is catastrophic by itself.
But every ignored leak, every postponed repair, every “we’ll get to it later” conversation adds pressure.

Inside organizations, risk accumulates through:

  • Outdated policies that don’t reflect current threats or realities

  • Understaffed security teams stretched beyond reasonable capacity

  • Lack of training for front-line staff who are the real first responders

  • Poor communication between leadership, legal, HR, and security

  • Complacency after long periods without visible incidents

From the inside, it feels like business as usual.
From the outside—especially after an incident—it looks like a pattern of neglect.

The Illusion of “We’ve Been Fine So Far”

One of the most dangerous beliefs in any organization is:
“We’ve done it this way for years and nothing bad has happened.”

That statement confuses luck with safety.

  • Just because no one has slipped yet doesn’t mean the floor isn’t wet.

  • Just because no one has attacked yet doesn’t mean your access points aren’t vulnerable.

  • Just because no incident has been reported doesn’t mean there is no problem.

Most systems under stress don’t fail instantly.
They fail after a long period of silent strain.

If your justification for cutting security is “nothing’s happened yet,” what you are really saying is:
“We’re betting our people’s safety and our organization’s future on luck.”

That’s not strategy. That’s wishful thinking.

Responsibility Lives at the Top

Security failures are often blamed on the last person in the chain—the guard on duty, the employee on shift, the contractor at the door.

But the real origin of failure is rarely at the perimeter.
It’s in the boardroom.

Leadership sets:

  • The priorities

  • The budgets

  • The policies

  • The culture around safety

If safety is framed as a burden, a nuisance, or an obstacle to productivity, that message filters down.
If security is framed as integral to operations and duty of care, that message filters down too.

You can’t expect front-line personnel to prioritize what leadership treats as optional.

From Expense to Obligation: Reframing Security

To reduce catastrophic risk, organizations must reframe how they think about security.

Security is not:

  • A luxury to add when times are good

  • A checkbox to satisfy insurance or compliance

  • A “nice to have” if the budget allows

Security is:

  • A core operational function

  • A legal and ethical duty to those in your care

  • A direct reflection of your organization’s values

When you make that shift—from expense to obligation—you start asking different questions:

  • “What risks are we responsible for managing?”

  • “What level of protection is reasonable given those risks?”

  • “What would we be expected to explain or defend in court after an incident?”

Those are uncomfortable questions.
But they are far less uncomfortable than the consequences of never asking them.

Practical Steps: Building a Culture That Prevents Failure

Moving from reactive to proactive doesn’t require fear—it requires structure.

Here are practical steps leadership can take:

  1. Conduct a realistic risk assessmentBring in qualified professionals to evaluate your current security posture, foreseeable threats, and existing vulnerabilities. Not a box‑checking exercise—an honest assessment.

  2. Align security with mission and valuesMake clear, in writing and in practice, that safety is non‑negotiable. Tie security standards to your duty of care, not to quarterly convenience.

  3. Invest in training, not just hardwareCameras and access control systems are tools. People are the operators. Without training, policies, and clear expectations, technology alone will not save you.

  4. Create clear reporting pathwaysEncourage employees and customers to report concerns early. Make it simple, safe, and stigma‑free to say, “Something feels off.” Early reporting is one of the most powerful forms of prevention.

  5. Review incidents and near‑misses honestlyTreat near‑misses as gifts, not annoyances. They are early warnings that allow you to correct course before someone gets hurt or a lawyer gets involved.

  6. Protect the budget for preventionBuild security into your operational baseline so it can’t easily be slashed when times get tight. Cutting prevention is the most expensive “savings” you will ever find.

The Real Question: What Will It Cost You If You Don’t?

Every organization has a budget. Every leader feels pressure to reduce costs.
But some cuts are different.

When you cut security, you are not trimming fat—you are removing structural support.

The question is not, “Can we afford security?”
The real question is, “Can we afford the consequences of not having it?”

Because in the end, catastrophic failure is not an accident.
It’s the final chapter in a series of quiet decisions to treat safety like a number on a spreadsheet instead of a responsibility to human beings.

That’s where failure starts.

Read More