How to assess risk in the new age of normal

April 28, 2020
The COVID-19 crisis figures to be a transformational event for security technology

There is nothing like a crisis to help spawn a fresh dictionary of buzzwords to describe state of mind. As the world continues to battle the global COVID-19 pandemic, business executives, risk managers and security chiefs are rolling out terms like the “new normal,” paradigm shifts, social distancing, herd immunity, and flattening the curve. We are using words like unprecedented, quarantine, incubation, isolation and heroes more than ever before.

Precedence Has Been Shattered

From a security and risk perspective, the new lexicon of “normal” will undoubtedly change. That change will affect how end users will view technology now and into the future, as the past several months have forced us to reassess technology more as a strategy than a tool. The COVID-19 crisis has also redefined what risk is with many security directors. For Brad Brekke, the Principal and Managing Consultant with the Brekke Group, who has served in senior physical security roles in government agencies and corporate entities providing strategic counsel and supporting physical security transformation projects, the sheer scope and speed of transmission of the novel coronavirus has created a crisis most risk and security executives have never experienced. He maintains that the entire definition of crisis management has been turned upside down and is presenting the world with unknown challenges.

“Most of security directors have dealt with physical risk and they've learned digital risk over the last 20 years,” says Brekke, noting that this risk landscape is different. “This is biological risk, fitting more medical or weapons of mass destruction background. It is unknown. There's a lack of data, not just for security but for the world, so, it's very challenging. When you look at the industry sectors some are public-facing, some are international, some are healthcare, some are regulated. There is a lot of uncertainty as they navigate this and I would say they are challenged in a way I have not seen before in my lifetime, but I also say they are learning quickly.”

Brekke admits that the models for business continuity and crisis preparedness have mostly been shattered given the magnitude and rapid progression of the virus and its impact on every business sector. The questions among his peers about what the new normal figures to be as businesses regroup once the COVID-19 panic subsides are surprisingly basic.

“I think the biggest question is where does this all go. What does the new normal and the future look like? How do we prepare our companies for it? Security is being pulled into the forefront during this crisis and we have a great opportunity to look at what that future might be based on,” Brekke explains, saying the post-virus future provides CSOs and risk executives an opportunity to wipe the slate clean and start with new risk strategy and a new approach to implementing technology. “What does technology look like in the future to help resolve and manage this crisis? So, I don't think there's one particular set of questions. It is just a constant stream of what's next.”

Using Technology As a Strategy

Figuring out the future role technology will play across commercial, healthcare and government organizations as new mandates reflect a different consciousness and tolerance to risk in light of this pandemic is potentially mind-boggling. Especially for systems integrators responsible for putting the round pegs into the square holes.

Ken Lochiatto, the President and CEO of Convergint Technologies, who has been with the company since 2014, realizes there is never a good time for a crisis.

“They happen and we can all look back and debate how prepared our governments were or how citizens were prepared to deal with it as we move forward, but the fact that here we are using technology to be on a videoconference taking people literally across the United States into Canada is the same technology that has allowed us to migrate big chunks of our workforce from working in office buildings to working from home,” adds Lochiatto referring to the Connect’DX virtual trade show and educational event sponsored by Genetec last week. “The fact that it is keeping our economy going to whatever degree is a huge testament for where technology is taking us. It will be interesting to see how we use technology to further secure workplaces and keep our colleagues safe once we come out of this.”

Lochiatto sees security professionals providing technology to their clients from one end of the use-case spectrum to another. Advanced camera technology can be used to monitor elevated temperatures in people or access control systems may be adapted to manage the social distancing aspect of the building or even how to manage who's been in contact with people that test positive for the coronavirus, adding that these technological measures may just be short-term solutions.

“We may have to adapt for a period of time, until we emerge from this or have the vaccine, whether it be six to 18 months into the future. But we are going to have to morph a little bit as a society,” he says. “It will be interesting to see if people become even more comfortable with technology.”

The Future Is Already Here

Both integrator and end-user agree that technology questions that would have taken years to sort out will now be answered in the space of six months to a year now given the increased timeline forced by the pandemic. “I think for the security industry, this is going to drive an even greater need for the products and the services that we deliver.”

Jonathan Ballon, Vice President and General Manager at Intel, whose team has pioneered artificial intelligence (AI) and deep learning applications with computer vision capabilities, finds his company in an interesting position in this technology jigsaw puzzle. The Intel technology he directs is an integral ingredient in many of the most advanced security systems and solutions on the market. Ballon contends that he and his team are able to see how things might play out because many of his technology partners are playing with “house chips,” providing them access to Intel technology that is years away from the open market.

“We believe very strongly in getting signals like we've had over the last couple of months and acting on them. Knowing that taking a decision, even if it's conservative or wrong, is better than no action at all. We have to have an action-oriented approach to this (crisis) environment. I think we have seen over the last 20 years dress rehearsals for what we're in right now, whether it was the dot.com crisis, the 9/11 attacks, SARS in 2003, or the economic event we had in 2008-2009. All of these things brought us one step closer in every event to see more of a distributed adoption of technology strategies and policies,” Ballon explains.

Quoting the noir prophet of cyberpunk science fiction, writer William Gibson, Ballon adheres to Gibson’s belief that, “The future is already here – it's just not evenly distributed.”

“There's a lag between innovation and then the adoption and proliferation of that technology. We're a global organization and I talked to customers in Europe, I talk to customers in China and across Asia, and everyone is at a different stage (of recovery) right now. It's very interesting to see where their priorities lie in resuming operation and getting back to business,” Ballon says. “But one thing is clear, and one thing is shared amongst all of them. Technology will play a fundamental role in how they think about their operations moving forward and taking a digital approach to that technology strategy. You know what…there's an opportunity to redefine what security means and redefine that value proposition for our shared customers in enterprise and government. I think that's something really that's worth exploring.”

As Brekke sees it, the migration of security post-COVID-19 is as he calls it, “prevention left of boom”, which was the term used by security and risk executives post the 911 terrorist attacks on the United States.

“I would say…that is the goal of security today. How you get there, those are the bigger challenges. In the middle of this event there is an opportunity to help security re-envision themselves. Even though this is a crisis, I would also describe it also as a business disruption. Like any business being challenged with disruption, you have to determine what do I do differently; what's the new playbook because I don't have one for this,” Brekke says. “I think there's an opportunity for security to start to look at themselves and to develop a business plan of what the future might look like, which could include public health as a different aspect to security. But most importantly, security is going to have to align with whatever the new business model is for the organization they're serving. The value proposition that will define security's role moving forward must revolve more around the business, and less around just the notion of security.”

About the Author: Steve Lasky is a 34-year veteran of the security publishing industry and multiple-award-winning journalist. He is currently the Editorial and Conference Director for the Endeavor Business Security Media Group, the world’s largest security media entity, serving more than 190,000 security professionals in print, interactive and events. It includes Security Technology Executive, Security Business and Locksmith Ledger International magazines, and SecurityInfoWatch.com, the most visited security web portal in the world. He can be reached at [email protected]