COVID-19 was this century’s largest global risk event to date, with far-reaching, long-lasting effects on society and the way we do business. Before COVID-19, pandemic-related risks were barely on security leaders’ radars. In fact, in early 2020, when Risk.net surveyed global operational risk practitioners on their most pressing concerns, the pandemic was a scant mention.
Within two months, the threat landscape dramatically shifted. Unlike localized, and fairly short risk incidents, business risks related to COVID-19 have stretched on for more than a year and have created a larger surface area of risk that continues to grow.
As security officers look ahead to a post-pandemic future, many find themselves with expanded budgets and an executive mandate to build the systems necessary to respond to the next global risk incident.
Examine risk holistically and eliminate operational silos across physical and cyber security teams
“A crucial lesson for leaders (particularly at the local level) is that resilience is most important when it comes to risks that are difficult to predict. The most important lesson is to avoid examining these risks in isolation,” writes W. Lee Howell, World Economic Forum Managing Director.
For security leaders, that means looking at risk more holistically and eliminating operational silos. Corporate risks are converging, and forward-looking companies need to move toward an operational model where real-time information, risk alerting tools, and risk intelligence is more widely shared across security functions.
In practice, that means a company’s physical security and cybersecurity operations centers share intelligence on a daily basis, using a common set of tools and processes to help them identify emerging risks in real time. That data, and the risk mitigation work performed inside security operations centers (SOCs), should inform the long-term planning that takes place inside the security and risk management function.
Leverage real-time information to maximize the outcomes of a converged security model
Consider how a converged risk model, where security operations—typically that of cyber and physical—live under one SOC, might have helped companies better prepare for business impacts from COVID-19.
In late December 2019, Dataminr first alerted its customers working inside hundreds of SOCs across the world that a new virus was quietly spreading in Wuhan, China.
Physical security teams used this real-time information to recall employees and executives working overseas, and build status reports as the virus spread across Asia and found early footholds in Iran and Italy.
Cybersecurity teams used real-time information to discover early, COVID-related spear phishing campaigns that targeted people anxious about the disease. Risk managers used the same real-time information to get an early view into health mandates being enacted in other countries, several weeks ahead of similar restrictions locally.
Under a converged security model, all three teams would have access to the same real-time information, and share insights to get better visibility into their organization’s current surface area of risk.
The converged security model would also tie a risk mitigation action taken by the corporate security team—for example, cutting short the CEO’s business trip to Italy during a disease outbreak—to larger risks, like temporarily closing all physical offices.
During the earliest weeks of the pandemic, real-time alerts from Dataminr included information about office closures at major companies, shutdowns of nonessential businesses, and panicked buying at retail stores in Europe—signals that preceded similar risks in the U.S. by weeks, in some cases.
How is your company democratizing access to real-time information?
Learn more about how real-time information can help security teams make better-informed decisions for business continuity.