COVID-19 has changed many companies’ hybrid work force procedures, but with vaccines reaching new heights, many workers are returning to their offices. As the US opens back up and employees get back in the offices, violence and physical threats to businesses are being seen at an unsettling, record-high pace, according to the Ontic Center for Protective Intelligence.
The study showcases the collective perspectives of physical security directors, physical security decision-makers, chief security officers, chief information officers, chief technology officers, chief information security officers (CISOs) and IT leaders at US companies on how physical security challenges and opportunities are unfolding in 2021 as the country emerges from the pandemic.[1] “Pent up economic and political frustrations marked the 6th of January by the Capitol riot are being unleashed after months of limited in-person interactions, mass shootings have skyrocketed and companies are experiencing an increase in physical threats as compared to the beginning of 2021,” said the Executive Director of the Ontic Center for Protective Intelligence. “And yet, as our study found, even as physical threats increasingly originate in the cyber world, CEOs are reluctant to believe their companies could be targets. As the crippling of critical supply chains and infrastructure by cybercriminals earlier this year demonstrated, to keep all aspects of their business safe, with great urgency, companies must fund, integrate and unify cybersecurity and physical security intelligence, assessment, mitigation and operations across the enterprise.”
The CEO of Ontic added, “As corporations advance the digital transformation of their physical security operations, it has never been more important to seize the opportunity to align their cybersecurity operations and infrastructure. Bringing together all threat data and intelligence in an always-on, technology-driven approach to security is the most effective way to advance business continuity in today’s increasingly hyper-connected, hyper-violent environment.”
Physical threats increase where intelligence fails. Of the physical threats that resulted in harm or death at companies in 2021, 49% of respondents think most or close to all could have been avoided if cybersecurity and physical security intelligence were unified so threats could be shared and actioned by cross-functional teams. 55% of physical security and IT leaders say their CEO believes training employees to be better prepared for potential workplace violence will create a culture of fear. 26% of those surveyed say their company has never addressed the potential for workplace violence and employees would not know what to do if an active shooter entered their facilities. This is counterproductive way of thinking. 74% agree that they anticipate significant conflicts between management and employees regarding health and safety protocols, as well as work-from-home policies when businesses reopen. 72% agree that their company has experienced physical security threats related to requiring employees to show proof of vaccination in order to return to the office.
Cybersecurity and physical security have to be integrated. Since the beginning of 2021, 58% of security and IT leaders say their companies have received or investigated one physical threat (33%), between two and five physical threats (21%), or over six physical threats (4%) per week.
Also, because of intelligence failures (not sharing threats and vulnerabilities inside a company), respondents said the following incidents have occurred at their company:
- An insider abused authorized cyber access that led to property theft or supply chain damage (34%)
- An employee was threatened and/or harmed while working at company facilities (33%) or working remotely (28%)
- A former employee threatened and/or harmed current employees (25%)
- Our CEO and/or family members received threats and/or were harmed when working from their private residence or while traveling (24%)
- An active shooter event occurred at one of our locations (18%)
- There is overwhelming agreement among both physical security (95% agree, including 45% who agree strongly) and IT professionals (95% agree, including 55% who agree strongly) that cybersecurity and physical security must be integrated, otherwise cyber and physical threats will be missed.
- 91% of respondents agree physical security needs a technology-driven industry standard for actively identifying, investigating, assessing, monitoring and managing physical security threats and 87% agree that now is the best time to invest in physical security digital transformation.
Our team has long understood the threats and vulnerabilities associated with companies’ insider vulnerabilities. We have developed a Virtual Trust Officer (VTO) program to help identify and develop a collaborative program to share information of both insider and outside malicious communication that could indicate either workplace violence and/or network disruptions.[2] Our team members will be happy to hold a brief call with your team to help them better prepare for phishing, cyberattacks, ransomware and if they are associated with any employees.
Red Sky Alliance is in New Boston, NH USA and we are proud to be helping in the over-all cyber defense posture. We are a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com.
Interested in a RedXray subscription to see what we can do for you? Sign up here: https://www.wapacklabs.com/RedXray
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
[1] https://www.helpnetsecurity.com/2021/07/16/physical-threats-increase/
[2] https://www.wapacklabs.com/intelligence-service/vto?rq=vto
Comments