Technology continues to transform the physical security industry, helping companies become more aware of the full spectrum of risks their organisation faces. Our new survey provides strong evidence that the use of these tools is solving some problems, but their implementation may create new challenges.
In our 2022 State of Protective Intelligence Report, 93% of respondents said their company was actively adopting new threat intelligence, monitoring and alerting solutions for physical security, cybersecurity, human resources, legal and compliance, but they don’t have a comprehensive strategy for holistic data analysis and reporting. Companies are now receiving multiple streams of new intelligence and information without a way to make the information quickly actionable.
Several negative impacts
In short, teams responsible for physical security are nearing information overload. That finding was reinforced by another survey response. When we asked security, legal, and compliance professionals what they saw as their biggest challenges in 2022, 40% of respondents said their top concern is the problem of how to manage threat data, up from 32% in 2021.
40% of respondents said their top concern is the problem of how to manage threat data, up from 32% in 2021
The irony of this situation is that many of these tools replaced labour-intensive work (like physically going to the courthouse to pull files), making it possible for security professionals to get a better handle on the larger problems they face. Security teams that once suffered from a lack of information –– or time to get it –– now they are confronted by the opposite problem. This problem of information overload can cause several negative impacts.
Physical threat volume
First, there’s the potential for missed threats, even though the threat information is in your possession. If the information isn’t actionable, the security team can miss the proverbial needle in the haystack. In the survey, nearly three-quarters of respondents expect physical threat volume to increase in 2022, and 41% anticipate they will miss 51-100% of threats against their company or its employees. Real-time threats are going unnoticed in a stream of information that flows so quickly, analysts have little opportunity to connect the dots and make sense of it all.
The second major impact of information overload is the roadblocks it creates, preventing the security team from working most effectively with other business units. The emerging class of technology tools collects threat information that can identify threats far beyond the security team, but the information collected is only useful if it can clearly articulate the scope and scale of the identified threats.
Tracking threat information
All systems are gathering information to understand what is or isn’t a threat"
While the physical security team is usually tracking threat information most closely, other teams in the organisation also depend on receiving the same timely and accurate information to accomplish business-critical objectives. Without tools that can process and analyse data from all units holistically, information is likely to remain siloed within various business divisions, even though the HR, legal, compliance or cybersecurity teams may have just as much need to understand the threats as the unit that collected the data.
“All systems are gathering information to understand what is or isn’t a threat,” said Danielle VanZandt, Security Industry Analyst at Frost & Sullivan. But, as she pointed out at the recently held Ontic Summit, this can be an issue if different areas of an organisation don’t share a common understanding about the threats they have individually identified. ‘It’s like when everyone touches parts of an elephant and is then asked ‘what does the elephant feel like?’
Threat data management
Without a common understanding of the threat picture, each team may have very different answers, but VanZandt says using technology to promote information sharing and threat data management can help bridge this gap. Here’s an example: An overwhelming majority of organisations report that they have policies in place to notify security, human resources, and the legal department when an employee is terminated.
86% of respondents said violence or harm has occurred in the past year when an employee was furloughed
However, those policies aren’t consistently applied, making it more likely that a potential threat actor could cause actual damages. According to our survey, 86% of respondents said violence or harm has occurred in the past year when an employee was furloughed or fired because their organisation does not consistently notify physical security, legal, or human resources, nor are they present when the dismissal takes place.
Mitigating potential threats
When all company units who are attempting to prevent problems can share a common understanding of potential threats, many of the most common problems can be addressed and mitigated before they occur. Improved coordination and information sharing also ensures all appropriate information can be used in decision making. In the case of an employee termination, most decisions are weeks or months in the making.
Ensuring that security, legal, and human resources are sharing appropriate information as quickly as possible can help to create an effective plan to monitor the progress of an employee who is struggling, or prevent damage at the time of termination. While technology cannot solve all of these problems, technology tools can provide a confidential means to share appropriate information with the individuals or business units who need to know, ensuring everyone involved has access to the most updated and relevant details to understand and mitigate potential threats.
Effective management of threat data, whatever the source, requires appropriate tools to foster effective analysis. Promoting holistic data management practices throughout the organisation will ensure these tools are used most effectively without causing further information overload.