It sounds simple: a company must be a safe place to work, and people will want to work for companies that make them feel safe. Companies have a duty of care and responsibility to keep employees safe, even as many work remotely. But as enterprises undergo digital transformation, physical security has at times been left behind (with legacy and outdated technology systems) despite a rise in threatening events and its increasing importance for corporations. Embracing digital protective intelligence and making safety a priority is not just a way to support wise corporate values, but given the potential loss of life and the cultural, bottom line and brand reputation damage that could occur, must be a mandate for modern business operations.
Large organizations spent an average of $17.92 million per incident over the past year to resolve incidents of insider-related threats, according to Ponemon research. For perspective, a single cyber data breach averages $3.86 million. No responsible corporate steward is ignoring their company’s cybersecurity needs or investment. But the Security Operations Centers (SOC) of 2020 and the next decade need to go beyond cyber and deliver holistic protective intelligence at scale with speed, efficiency and insights.
A digital inflection point for physical security and the art of protective intelligence
Corporate safety professionals and security officers, working in tandem with CSOs and HR, are the eyes and ears keeping executives, employees and customers safe. Out in the field, at the storefront, traveling with executives, and monitoring multiple office locations, corporate security leads wear many hats, and must make informed decisions for the safety of their organizations. But they are often stretched for time, using various unrelated tools, with the critical information they need difficult to quickly and efficiently access from other areas of the organization.
The pandemic has infused health and safety concerns into every aspect of our lives, injecting even greater urgency for organizations to break from an ad hoc manual records-scouring approach to physical security and accelerate adoption of 24/7, comprehensive, technology-driven real-time data that’s mobile, always tracking key insights and connecting potentially threatening incidents and events throughout an organization. Efficient mobile applications have never been more critical, especially in our work-from-home new Zoom norm.
Protective intelligence isn’t a new concept, but the way organizations can now collect, structure and act on this intelligence is ushering a new, technology-powered era of innovation for the art through mobile applications, data integrations and software-as-a-service (SaaS).
The ability to see around corners has also never been more important. Protective intelligence forecasts, identifies, and assesses threats in near real-time so that security teams can take appropriate measures to avoid and alleviate them. Companies can reduce the risk of violence if a threat can be detected, evaluated, and rendered harmless before execution. The most significant benefit of the art of protective intelligence is the ability to be proactive and prevent incidents before they occur, instead of reacting to a situation as it unfolds. I had a front row seat to a reaction mindset and learned this lesson hard in the 1980’s.
COVID-19 lawsuits compounding rise in cyber-physical attacks
By some estimates, the global physical security market was valued at $102.9 billion in 2019 and is projected to grow 6.5% annually, from 2020 through 2027, while the global cybersecurity market size was valued at approximately $156.5 billion, and is expected to have 10% annual growth rate over the same time period. According to Gartner, in the next four years, three out of every four CEOS will bear personal liability for cyber-physical security incidents - which can quickly lead to physical harm to people and destruction of property - and these incidents will increase dramatically in the next few years if the lack of spending on these assets continues. What’s more, the financial impact of cyber-physical attacks resulting in fatalities will reach over US$1 billion by 2023, according to Gartner.
With COVID-19, physical security teams face new challenges on top of what is already a high-stress job. The remote workforce has pushed potential threats out of the office and into the home that organizations must manage appropriately. Threats still exist even with employees working remotely.
In addition, lawsuits against employers are piling up in state and federal courts, and as of August 1, 442 COVID-19 related suits were filed against employers in the U.S., with that number only expected to rise, according to labor and employment law firm Fisher Phillips. From January to April of this year, according to data gleaned from Ontic’s clients, companies reported a 300% increase in COVID-19 and threat-related data through social media.
This increase in COVID-19-related litigation and threat data only compounds the number of ongoing threats and potential lawsuits corporations face on a more consistent basis from disgruntled employees. Companies must recognize the multitude of factors that may result in lawsuits, whether they are COVID-19 related or not, and identify the best strategies for mitigation.
Furthermore, regulations and mandates that inform businesses and educational institutions on how to handle COVID-19 are changing quickly as more information becomes available. Gartner predicts that regulators and governments will drastically increase rules and regulations governing corporations as a result of failures to address an increase in incidents. However, because there is a level of uncertainty and murkiness, with no clear single way to handle this complex situation while keeping people safe, employers have become larger targets for litigation.
When these lawsuits against employers do arise, it is imperative that organizations can illustrate clear compliance and audit steps that they’ve taken to reduce their liability. Ultimately, this proof of action and accountability from businesses can save them millions of dollars in the courtroom, as COVID-19-related lawsuits increase and add another layer of liability for employers. COVID-19 aside, having evidence of organizational activities and processes when dealing with serious and potentially harmful situations limits liability and puts businesses in a better financial position when all is said and done.
In sum, to protect their business, employers must adapt to rapidly changing circumstances and understand the factors that impact their business liability. When organizations strengthen their security programs with technology-driven protective intelligence, have detailed audit trails, and take preventative measures to protect employees, they can expect to minimize their liability when events occur and lawsuits emerge.