Rethinking Campus & Multisite Security:
5 Proactive and Holistic Strategies for 2024
The security realm constantly evolves, presenting new and escalating challenges that demand vigilance and adaptive strategies. The 2023 Security Benchmark Report from Security Magazine highlighted the top ten issues plaguing the security industry: workplace violence, business continuity, cybersecurity, crisis management, and staffing and training.[1] This article aims to equip security professionals with an understanding of these challenges and propose approaches for fortifying security protocols and responses.
Addressing the Persistent Menace of Workplace Violence
Workplace violence remains a critical concern that organizations cannot afford to overlook. Recent reports suggest that in addition to resulting in human tragedy, these incidents unseat business operations, damage reputations, and pose a significant legal liability. The gravity of this issue has accelerated the need for comprehensive, and innovative strategies aimed at mitigating these risks.
Nearly two million workers in the United States become victims of workplace violence each year per data shared by the Occupational Safety and Health Administration (OSHA) [2]. These incidents are not confined to physical harm; they encompass a range of behaviors from bullying and harassment to more extreme forms such as assault or homicide. Additionally, workplace violence causes American businesses to lose on average $250 to $330 billion every year.[3].
To address workplace violence, organizations are increasingly focusing on initiatives centered around fostering a culture of mutual respect and safety. This involves the development and enforcement of comprehensive workplace conduct policies that clearly outline unacceptable behaviors and provide a secure, confidential reporting mechanism for employees.
Creating policies and reporting avenues are only part of the solution. Businesses are progressively investing in ongoing employee training and resource programs to enhance awareness, emphasize preventive measures, and cultivate a supportive, vigilant workplace.
Upholding Business Continuity in the Face of Adversity
Undeniably, the COVID-19 pandemic has underscored the need for robust business continuity plans. FEMA reports that a staggering 40% of businesses fail to reopen in the wake of disaster [4]. Whether the disruption is due to a global crisis or a more localized issue, safeguarding business operations necessitates preparations that are comprehensive, flexible, and routinely tested.
Assessment of potential risks and threats is critical in mitigating the impact of potential incidents. With this knowledge, organizations can devise strategies such as establishing alternate supply chains, creating remote work policies, detailed communication protocols, and cyber defense.
Modern business continuity professionals are addressing longer-term issues and expanding beyond traditional duties (developing plans, conducting risk assessments, running drills, and ensuring services can be restored) to include strategic planning. Security professionals are increasingly incorporating technological advancements and cloud-based solutions into their business continuity strategies. This multipronged approach includes the deployment of digital safeguards, communication protocols, and remote workforce enablement to ensure operational continuity. Having a comprehensive business continuity plan can mean the difference between survival and shutdown.
Nurturing Cybersecurity Resilience in an Era of Digital Transformation
The rapid digital transformation across industries has substantially expanded the attack surface for cyber threats. With businesses increasingly reliant on interconnected systems and cloud technologies, the need to fortify cybersecurity defenses has taken on unprecedented urgency.
According to the World Economic Forum, only 4% of organizations [5] are confident in their assurance of security to “users of connected devices and related technologies are protected against cyberattacks.” and IBM’s 2023 report[6] indicates the average cost of a corporate data breach in 2023 stood at $4.45 million.
Security professionals are augmenting their cybersecurity posture through comprehensive risk assessments, proactive monitoring, and incident response protocols. Embracing a zero-trust security model that assumes a persistent threat environment and necessitates verification from all accessing devices or users serves as a cornerstone of this enhanced defense. Employees are an organization’s first line of defense, therefore emphasizing regular cybersecurity awareness training and equipping employees with the tools to identify and report threats promptly is critical.
Proactively combining technological defenses with sound policies, regular training and a culture of awareness can go a long way in fending off cybercrime.
Optimizing Crisis Management Protocols for Speed and Effectiveness
Recent global events have underscored the inherent unpredictability of crises, from natural disasters to political uncertainties and beyond. In a 2020 survey by Deloitte, [7] it was found that more than half of all companies had faced a crisis within the past two years. Maintaining a comprehensive crisis management strategy – one that emphasizes speed, agility, and communication – has become a priority for businesses seeking to navigate these turbulent waters effectively.
Crisis response has evolved significantly in recent years. The 2023 Global Crisis Management Benchmarking Report cites survey respondents are making changes to their crisis response plans, including the increased use of technology (64%), preparedness (48%), involvement from leadership (48%), and the frequency in which they conduct drills (20%). [8]
Effective plans begin with a clear identification and understanding of potential crises that could disrupt the organization’s operations. These may range from natural disasters and cyber threats to reputational damages. Crisis response planning should also incorporate a cross-functional group, including functions such as operations and technology, legal, human resources, media relations, risk and compliance, finance, and investor relations. Once a plan has been created and communicated, it should be tested via a simulation exercise to identify any weaknesses and fine-tune the response strategy.
The advent of technology has significantly streamlined crisis management, enabling real-time monitoring and response coordination. Integrated communication platforms facilitate instant collaborative decision-making, ensuring that responses are informed and swift. Emphasizing training and conducting regular simulations enables businesses to refine their crisis management plans and enhance their readiness for any eventuality.
Confronting the Challenges of Staffing and Training
The security industry’s demand for skilled professionals continues to outstrip the available talent pool, amplifying the criticality of effective recruitment, training, and retention strategies. In Gentec’s State of Physical Security Report 2022, 50% of the survey respondents noted that they experienced human resources challenges including staffing shortages and hiring difficulties. [9]
Organizations are exploring innovative ways to attract and retain security talent with the right technical and soft skills through competitive compensation packages and non-monetary incentives such as positive work culture, educational opportunities, and career advancement prospects. Moreover, they are investing in robust, ongoing training programs, focusing on technological skills, crisis management, and situational awareness. Training should also extend beyond the security team; all employees should be given basic security training to understand potential risks and the appropriate response. This holistic approach promotes a safe environment and fosters a workplace culture of shared responsibility.
Security technology and intelligence tools are also becoming increasingly essential in mitigating human resources challenges. Advanced analytics and artificial intelligence (AI) are at the forefront, enabling predictive threat analysis and automating the detection of anomalies. Integration platforms have also emerged, allowing disparate security systems and sensors to communicate seamlessly. This integration not only simplifies management but also enhances the speed and coordination of response efforts. By leveraging these sophisticated tools, organizations can alleviate the burden on their security staff, refocusing their efforts on more strategic tasks that demand human expertise.
In Conclusion,
The security landscape is in a perpetual state of flux, requiring constant adaptation and readiness to face new challenges. By addressing these challenges with comprehensive, innovative strategies, security professionals can significantly bolster their organizations’ resilience in the face of a complex, dynamic threat environment. The key is to think holistically, vigilantly embracing technology, communication, training, and a culture of safety to pave the way for a more secure future.
Citations:
[1] Security Benchmark Report 2023 https://www.securitymagazine.com/articles/100044-the-2023-security-benchmark-report
[2] OSHA https://www.osha.gov/sites/default/files/publications/factsheet-workplace-violence.pdf
[3] . “30 Startling Workplace Violence Statistics [2023]: Statistics On Workplace Violence In The US” Zippia.com. Oct. 20, 2022, https://www.zippia.com/advice/workplace-violence-statistics/
[4] FEMA https://bryghtpath.com/natural-disaster-preparedness/
[5] https://www3.weforum.org/docs/WEF_State_of_the_Connected_World_2023_Edition.pdf
[6] IBM https://www.ibm.com/reports/data-breach
[7] Deloitte- https://www2.deloitte.com/content/dam/Deloitte/global/Documents/About-Deloitte/deloitte-2020-millennial-survey.pdf
[8] Global Crisis Management Report https://assets.contentstack.io/v3/assets/blt5775cc69c999c255/bltdbdff27cf79c9d6d/6441862d507a5f582f917626/2023_Ethisphere_GlobalCrisisManagementReport.pdf
[9] Gentec Physical Security Report https://www.genetec.com/a/physical-security-report
