In today's global economy, business cannot be siloed. It has also become more apparent than ever that security cannot be operated as a standalone department either. Over the course of the past year, we’ve discussed the convergence of physical, IT, and cyber security within organizations, possibly even more than we’ve talked about how technology is converging within the enterprise. The simple fact is that cyber threats continue to dominate the overall security discussion.
In fact, recent results from the Security Executive Council’s Security Barometer Polls found that cybercrime is the top risk facing today’s organizations; therefore, security teams are collaborating more to identify potential IT risks before a breach can occur. There are significant benefits to this level of collaboration; by collaborating across the enterprise and even sometimes with outside agencies data can be shared across multiple disciplines and organizations to gain more advanced security procedures and risk management processes.
As modern businesses continue to seek out new opportunities in emerging commercial centers and even high-risk geographic locations, CSOs require more effective and efficient intelligence-gathering processes to combat cybercrime, insider threats, terrorism, and more. Consistent evaluation of the current risk environment is mission-critical to ensuring a safe and secure environment. Without comprehensive situational awareness, mitigating risk is difficult at best.
Mitigating Modern Day Risks
From active shooters to political activism and beyond, enterprise security leaders must ensure a high level of situational awareness to reduce risks — whether an office is in a suburb of Cleveland, Ohio, or within the growing metropolitan lights of Dubai. Insider threats and workplace violence, for example, are serious threats facing today’s enterprise organizations. According to statistics from the U.S. Bureau of Labor Statistics (BLS), an average of 551 workers was killed each year between 2006 and 2010 as a result of work-related homicides. Shootings accounted for 78 percent of all workplace homicides — 83 percent of which occurred in the private sector.
The risk of insider threat, which was the second most-reported concern by respondents to the Security Executive Council’s security survey, propels corporate entities to find ways to address situations quickly and efficiently. With a wealth of network-enabled sensors, such as video surveillance cameras, able to generate incredible sources of data, the opportunity to gain new levels of insight and intelligence is of higher importance than ever before. But it is more critical than ever to find new ways to gather, process, and analyze this data to gain better actionable intelligence so that operators can proactively manage the organization’s threat landscape.
The Connected World
The consistent demand for IT-powered and mobile solutions (the now familiar trend known as the Internet of Things) and new technologies, such as facial recognition, biometrics, deep learning, artificial intelligence, and robotics, is booming. These trends and themes propel today’s enterprise leaders — in various security, IT, operational, and business positions — to evaluate the benefits and the risks of the “connected world.”
The IoT focuses on increased machine-to-machine communication. Built on cloud computing and networks of data-gathering sensors, it’s mobile, virtual, and instantaneous — all things today’s businesses and business leaders look to incorporate daily to streamline operations further and drive efficiency. The IoT is projected to grow at a rapid rate, making various devices from streetlights to grids “smart.” Gartner forecasted that 6.4 billion connected items would be in use worldwide in 2016, up 30 percent from 2015, and will reach 20.8 billion by 2020.
Consider all of the information flowing into a business from all these sources: the IoT, Big Data analysis, video surveillance, IT network data, weather sensors, watch-list tracking, and much more. All of this data doesn’t become actionable until it's correlated. Once processed and analyzed, stakeholders can leverage the most critical data points to identify trends and see the impact of potential risks.
From a technology perspective, the ability to fuse multiple data sources into a single “pane-of-glass view” helps stakeholders realize new levels of situational awareness. In the past, operators would manually piece together information from disparate systems to try to identify a particular event or trend. This process was time-consuming but necessary to understand the full context of the event taking place.
Comprehensive situational awareness is achieved when data is fused from a wide range of security, IT, and operational technology systems, including video surveillance and non-video sensors — such as audio, social media, access control, weather data, and intrusion detection. By aggregating data from multiple sensors, situational awareness solutions enable efficient information correlation and analysis; rapid, rules-based alerts and response procedures; and the ability to share information quickly within and across agencies to facilitate timely response and investigation. Bringing all data points into one platform allows for early detection and analysis of threats, which can be used to initiate better planning, faster and more efficient response, and better decision-making overall.
Knowledge is Power
Modern enterprises must focus on preventing risk to ensure long-term business continuity. And in today’s environment, it is critical to combine physical security, IT functionality, operational technology, and cybersecurity efforts to help gain greater insight and drive actionable intelligence. The collaboration of various stakeholders, business functions, and strategies allows organizations to be more focused, effectively identify threats, develop trends, and quickly access relevant data to meet evolving business requirements.
In today’s world, security is mission-critical to an organization’s success and needs to be looked at holistically. Organizational convergence is just as significant: Cyber, IT, and traditional security teams need to combine forces to enhance risk mitigation. A standard operating strategy that drives immediate and efficient communication and response can make a significant difference in how an event is managed and how that event impacts business continuity, employee safety, customer experience and even, brand reputation. By accessing a comprehensive view of an event or the current risk profile, stakeholders build stronger insights that help make responses more effective and efficient.
About the Author: Alan Stoddard is Vice President and General Manager for Situational Intelligence Solutions at Verint.
