Cybersecurity is more than just a headline associated with attacks on critical infrastructure assets, such as utility companies or our nation’s repository of its personnel records of employees with the highest security clearances.
Before November 2009 little attention was paid to the silent threat cultivating inside of the U.S. Army. That all changed when a common U.S. Army officer, Major Nidal Hasan, killed 13 soldiers and injured 30 others during a shooting spree in the morning hours of November 5, 2009, at Fort Hood, Texas. The significance of insider threats has been reiterated with the shooting at the Washington, D.C., Navy Yard, and the intentional crashing of a Germanwings jet into the French Alps.
Businesses have listened to staff and abandoned in-house developed tools in favor of consumer products and ubiquitous software-as-a-service (SaaS) capabilities. They want to exploit the benefits that extensive R&D and manufacturing can bring and are willing to trade off the minor compromises that come with standardized solutions. Also, security managers are starting to ask why sites can’t be secured in the time it takes to add a Dropcam to their home network…
The ISIS-inspired terrorist attacks in Paris in January and the threats against shopping malls in the U.S., Canada and the UK by Al-Shaabab highlight threats that call for more fully integrated surveillance solutions to enhance security. The horrifying Paris attacks demonstrated that, while various forms of video were available to record the attackers’ movements during and after the attack, the video wasn’t being made available in real time or near real time to help law enforcement’s response to the attack.
We’ve gotten pretty good at collecting all sorts of data from cameras and other sensors – but in the end, it is what we do with the information that counts. Surveillance technologies provide the capability to capture the minutest details, but the real value in collecting information is in its analysis. While technology allows us to observe behaviors that predict criminal intent and can interdict before events occur, often this data is subverted by security professionals and law enforcement misinterpretation based on spurious factors.
In recent years, “cyber” has monopolized most of the serious coverage in the security industry, and rightly so, given the underprepared stance of many government and commercial organizations in the face of persistent “leakage” of information and malicious attacks. Yet too often, the equivalent dialogue around physical security has been disappointingly predictable. The industry fixates on pixel counts and IP versus analog. The more enlightened may debate the benefits of the latest breakthrough technology or an attempt at greater industry cooperation. At this point, insert “video analytics” and “ONVIF interoperability,” or any one of a hundred themes.
If the revelations by Edward Snowden proved anything, it is that the U.S., its allies and its enemies possess tremendous capabilities to know as much about individuals, groups, companies, and virtually any other entity, as they want. While Snowden’s revelations give specific insight to U.S. capabilities, many of the same technologies our intelligence apparatus use are either commercially available or within the ability of nations or non-state actors to acquire on their own.
Risk management too often is perilously fragmented and insufficiently funded. Managing the overall risk equation is assuredly a CEO-level and management team obligation. But the design and execution of effective strategies to identify and moderate risk is, of necessity, complex and typically spread among numerous organizational silos.
Security countermeasures, such as surveillance, address threats and if done effectively eliminate them; this is more likely the case when an integrated solution is deployed. In looking at integrated security solutions, there exists an opportunity to move beyond a view of providing countermeasures to threats toward a new perspective of security as a means of delivering critical business value.
Edward Snowden may have the reputation as the most infamous insider threat in recent history, but he’s not the only one who used his job and company resources to commit a crime. Learn why insider threat programs are necessary to allow the organization to prevent, detect, respond to and deter insider threats. Also in this issue: how security professionals can prevent workplace bullying, how mass notification is becoming part of the essential infrastructure of enterprises, and much more!