While much has been written about the rapid worldwide growth of COVID-19 and the ways it is transforming daily life, there have been comparatively fewer discussions on where it will lead longer term. As global security leaders prepare their response strategies, there is significant value in taking the time to consider the second order consequences of this pandemic. While these less immediate implications may be difficult to forecast with certainty, thinking through the world of possibilities will help us prepare for any number of outcomes.

In order to help guide our clients and other security leaders, I have broken down our long-term considerations into three high level categories:

  1. Understanding the duration and severity of the pandemic and its associated economic fallout
  2. Assessing the direct long-term repercussions on the security world
  3. Identifying how the disease will change the world more broadly, including key tipping points

1. A New and Persistent Enemy

COVID-19 is not going away any time soon. While the disease has started to plateau in some regions as a result of social distancing, we should expect to see a material increase in cases when quarantines end. Because asymptomatic carriers can still spread the disease, unsuspecting individuals who resume public activities will continue its latent spread once quarantines are lifted. This has already been seen in parts of Asia, and will likely remain the case until a vaccine is available for widespread use, which by most scientific accounts is 12-18 months away. In the interim, a plausible scenario is that we end up cycling between periods of quarantine and non-quarantine in order to keep our healthcare systems from becoming overwhelmed while still prioritizing our collective desire to reopen the economy. 

This leads us to the economic impact: businesses are being paralyzed by the shutdowns, and there is little question that we are heading into a recession which will outlast the immediate effects of the virus itself. This will mean budget cuts, layoffs, and for many, even a permanent shutdown of operations. Research by the JP Morgan Institute found that the typical small business has less than one month of cash on hand in the case of a full disruption. Unemployment claims have already skyrocketed to all-time highs, and the Federal Reserve estimates 47 million could end up out of work – an unemployment rate of 32 percent. But there’s a unique catch which makes this recession look extremely different from every historical precedent: to prevent the virus from resuming its spread before a vaccine is discovered, in this case we actually don’t want a widespread return to work and “business as usual.”

Many recession predictions have focused on 2008 as the most recent example. But a much more apt comparison for this pandemic than the 2008 financial crisis is World War II. Periods of war are the only other times we have asked our citizens to step back from their jobs and their lives in sacrifice for our collective safety and way of life. We should think about this crisis as a collective war effort, in which our goal is to beat back a common biological enemy, not just to return to normal life as quickly as possible. And as in WWII, winning will require heavy investment of government funds, a widespread embrace of patriotic duty for the common interest, and a fundamental reworking of how businesses operate.

2. A Paradigm Shift for Security

As security leaders, there are three major classes of change that require thoughtful navigation.

  1. Getting back to work: changes to immediate priorities as the orchestrator of workplace safety
  2. Doing more with less: changes to the financial standing and strategy of security orgs
  3. Germ culture as the new terrorism culture: changes to the macro threat environment

Getting Back to Work

The immediate goal of every business impacted by quarantines and health concerns, after the safety of employees, is to return to full productivity as rapidly as possible. This is the clear priority for security leaders today, as plans are drawn out not only regarding the length of time employees are away, but also how they will safely perform once they do return. This marks a stark change for these leaders vs. the pre-COVID world, in which disease prevention was generally not even under their purview.

Safe reintegration of employees to the workplace requires several steps. First is a reinvention of the sanitation baseline. Overseeing a shift towards frequent hand washing, more deep cleanings, suspension of flex desks and even upgraded air circulation and filtration systems will be key. Communal utilities, such as doors and elevators, should be as physically frictionless as possible to prevent the spread of germs. It will also be important to drive widespread cultural and behavioral changes to stop the spread, such as enforcing social distancing guidelines – particularly in industrial or warehousing facilities with structured and semi-predictable patterns of movement. Finally, security must help carry the mantle of employee health monitoring. Many companies are already considering or implementing mandatory temperature measurements upon facility entry, notably Walmart and Amazon, and others are leveraging the investigatory expertise of their security teams to conduct contact tracing for known cases.

Doing More with Less

With an economic downturn looming, companies will shift from prosperity mode to austerity mode. While security teams may get budget for new technology to combat COVID-19, cuts will inevitably happen elsewhere. The focal point for security leaders should be on driving efficiencies to maintain existing levels of protection with fewer resources. However, slimming down doesn’t have to mean settling. Strategic leaders will treat this period as a unique chance to overhaul the legacy facets of their operations and adopt new, more efficient technologies in their stead.

How? Security operations centers will monitor more cameras with fewer people, using advanced video analytics to raise new alarms and suppress noisy ones. Virtual, camera-based facility walk-throughs will replace costly in-person patrols. And as artificial intelligence systems that detect security incidents at superhuman speed come online, they will free up security teams’ most precious assets – their people – to do what they do best: respond swiftly and decisively.

Finally, a consistent pattern in past downturns has been an elevated desire to enhance transparency into organizational spending patterns. Prepare to demonstrate the ROI of new and existing tools, and take the time to prioritize what is strictly necessary vs. where you can proactively take new approaches to streamline operations. These measures will improve the ability to maintain critical budgets, and simultaneously fortify security operations longer term.

Germ Culture as the New Terrorism Culture

The most significant change to the macro threat environment post-COVID-19 is the sudden spotlight on biothreats. In the same way that 9/11 changed security culture and expanded government’s role via DHS and otherwise, there will be a broad shift towards the institution of preparedness mechanisms which a) reduce the chance that something like this happens again, and b) helps us respond more effectively if and when it does.

The response to the 2003 SARS epidemic in Asia is a useful comparison, due to both its biological similarity to the current coronavirus (technically, SARS-CoV-2), and the panic that it caused within the countries afflicted. SARS originated in late 2002 and spread rapidly in Asia through mid-2003. It infected 8422 people and killed 916 – a mortality rate of 11 percent. With that even higher rate versus what is currently estimated for COVID-19, it understandably prompted drastic responses from the governments and citizenries affected, many of which are still visible today.

First came proactive disease prevention and surveillance. In the immediate aftermath of SARS, Singapore, Japan, and China installed thermal cameras at airports and border checkpoints to detect fevers. There was also a cultural shift towards wearing masks in public as a way for people to both protect each other and show solidarity. Today, armed with that deadly experience, many countries in Asia stand out for their aggressive COVID-19 response.

Singapore deployed an app that uses Bluetooth and location services to track anyone that comes in contact with an infected person in order to retroactively contact trace. South Korea has leveraged surveillance camera footage, credit card transactions, and location data from phones to help with both contact tracing and quarantine enforcement. China has instituted mandatory temperature screenings at stores, apartment buildings, and offices, and is linking thermal camera readings to identities via facial recognition to track who is infected.

We should expect comparable measures here in the United States. However, this inevitably begs a question on privacy: how much are we are willing to sacrifice in order to counter these threats more effectively? This question is not new to us. Around the same time that SARS was running its course in Asia in 2003, the US was invading Iraq in response to the terror attacks on 9/11. Many of the reforms that came out of the 9/11 response, including the passing of the Patriot Act, have come under fire on privacy grounds ever since their introduction. And while some opt-in technologies for combating the disease are already being developed, such as a new contact tracing partnership between Apple and Google, other potentially effective means would be more invasive. This means leaders will have keep privacy top of mind as they do everything in their power to end this crisis, even happen at company-level, as germ culture becomes the new terrorism culture.

3. The Pandemic as a Catalyst for Change

Some of the most substantial changes that will come out of this pandemic are not actually new phenomena, but rather preexisting shifts which will be catalyzed by the crisis.

The clearest of these shifts will be a move to remote services, from video conferencing to e-commerce. We could see permanent changes to business travel culture, with fewer long-distance in-person meetings due to the rise in remote work and medium term international travel restrictions. We could see some companies learn that working from home suits them, and a consequent reduction or even elimination of their physical footprints. As a security leader, protecting a less centralized organization poses new challenges. In order to navigate this new world, effective mass remote communications capabilities must be quickly scaled up, and there needs to be a better system of record for who is on site at any given time, meaning access control systems need to be trustworthy.

Many slow burning societal and political shifts will also see acceleration. The steady rise in inequality will take a sharp leap, as poorer communities are hit harder by the financial hardships, potentially leading to greater social unrest and security macro security concerns. In this case, the delta between white collar workers who are able to continue working from home versus those who cannot, is greatly exacerbated. The Occupy Wall Street movement came out of the 2008 crisis, and it would be a mistake to think in a time of already tense political division that similar social uprisings will not manifest this time around. To remain prepared, security leaders will need to institute early warning systems technologically and organizationally, and ensure proper remote employee disaster procedures are in place.

How will this crisis influence the deepening political divide between China and the US? How will the public respond to the handling of the crisis, especially considering the geographic inconsistencies in response? How will the trend of misinformation respond to a fundamentally scientific enemy? We cannot definitively answer these questions today. But each represent a tipping point in the world that will likely have significant implications on global security operations. For example, will travel to and from China become more difficult? What happens if public backlash against the handling of the virus puts employees at risk? Coming out of this period, we must remain vigilant of the continued evolution of these shifts in order to keep our organizations safe and prepare for all possibilities.

Fighting this pandemic will take resilience, investment and time. Many aspects of the world are going to look much different when the dust settles. And as a consequence, it is critically important for leaders of industry and community to begin factoring the long-term implications on both the security industry and the world at large into the decisions made today. Those who step up as innovators – who are ready to tackle these new challenges with new solutions – will be best strategically positioned when we’re through to the other side.