GSX 2021 Recap: 4 Can’t-Miss Sessions on the Future of the Security Industry
Get our takeaways about the most pressing issues facing the security and safety industries today and how to overcome them from GSX 2021.
- A Framework for Using Threat Intelligence
- The Role of AI and Machine Learning
- The Impact of Ransomware Attacks
- How to Prepare for Civil Unrest
- What’s Next for the Global Security Community
With an increasing number of threats facing organizations every day, security professionals often find themselves struggling to keep up. But Global Security Exchange (GSX) 2021, which took place in Orlando, FL from September 27–29, aims to change that. The annual conference geared toward the global security community helps organizations better navigate the ever-evolving threat landscape by supplying attendees with need-to-know strategies and tools for better assessing risks to their businesses.
This year’s conference specifically focused on the new and unique challenges facing security leaders because of COVID-19. The workplace continues to get more complicated each day, with millions of employees still working from home offices or other remote locations. For safety and security professionals, that means they must now monitor hundreds—if not thousands—of threats occurring around the world instead of the few that might impact a smaller number of corporate offices.
If this year’s GSX sessions were any indication, industry leaders have spent countless hours identifying how to prepare their organizations for the new workplace, and they have numerous insights to share. We sat in on four sessions that outlined some of the most pressing issues facing the security and safety industries today and how to overcome them. Here is what we learned.
A Framework for Using Threat Intelligence
Businesses’ intelligence needs vary from data sets on neighborhood crime rates to active demonstrations to new malware attacks. While some of this information might be publicly available, it can also be messy, incomplete, and unreliable. In a session titled, “Using Intelligence to Make Your Security Program More Effective,” Matthew Tompkins, Director, Intelligence Coordination Division at Federal Energy Regulatory Commission (FERC), walks through a framework he developed to help security professionals identify the right information at the right time.
During the session, Matthew talked about why intelligence data needs to be U.G.L.Y.
- Useful: Ask yourself whether the data you’re using has the appropriate amount of detail for you to make an informed decision. Does it also indicate whether an action can be taken? If not, you probably don’t want it.
- Germane: Consider whether the information you’re collecting and using is directly or indirectly related to the question(s) you’re trying to answer and/or the problem you’re trying to solve.
- Looming (or Timely): Intelligence should help you understand how quickly you need to move to mitigate the threat. Intelligence that fails to support quick decision-making is incomplete.
- Yours: Lastly, intelligence needs to be tailored to your organization and trustworthy. Even if you can access classified information, you need intelligence you can easily share with other team members. For that reason, Matthew advises sticking with internal data, publicly available data, or data provided to you from a reliable and trusted third party.
One additional factor we’d add to Matthew’s method is that the best threat intelligence combines people and technology. Technology might surface a lot of information quickly, but people are necessary to ensure its accuracy. The combination makes it faster to get verified data on an active threat and know who is impacted to help keep businesses up and running and employees safe.
The Increasingly Important Role of AI and Machine Learning
On the topic of information, Jeff Sieben, CPP, and Hamman Samuel, an artificial intelligence researcher at the University of Alberta, further home in on the fact that data continues to explode in size and volume. In their session, “How to be Future Ready and Data Focused: AI and ML for Analytics of Security Data,” they discuss why it’s necessary to use artificial intelligence and machine learning within a security program.
These technologies can analyze billions of events in real-time and provide immediately actionable insights to security teams working to uncover new and emerging threats to their enterprise. And while Jeff and Hamman also dive into more of the technical aspects of AI, including how to use supervised vs. unsupervised machine learning for offensive security tactics, their presentation focused on the point that the future of security must involve advanced technologies to be successful. For example, AI can prove to be especially useful in the threat detection or identification phase.
But they also caution that AI and machine learning will never be a complete substitute for human decision-making. The true power of AI exists in its ability to improve security leaders’ recommendations and responses to an issue. AI may help automate many labor-intensive tasks, but it will never fully replicate human thought and reasoning. By understanding its limits, organizations will be able to integrate it in areas where it matters most.
The Impact of Ransomware Attacks
We can’t talk about the security environment today without mentioning cybersecurity. Cybercrimes have escalated considerably in the past year alone, with ransomware attacks specifically responsible for numerous business disruptions. Already this year, ransomware shut down large sectors of the American economy in more than one scenario and proved its ability to have devastating effects on the physical world.
That’s the main takeaway from the session, “Demystifying Ransomware in Physical Security,” hosted by security expert Jeff Sieben, CPP, and Rex Lam, a senior consultant at Guardian Forest Security Ltd. In examining the Colonial Pipeline ransomware attack that occurred in May 2021, they point to the fact that the attack managed to temporarily close pipeline operations for several days, leading to a shortage of gasoline along the South and East Coast of the United States.
Ransomware is expected to continue to be one of the most prevalent cyber-attacks on businesses. More than 50 percent of all companies suffered a ransomware attack in 2020. According to the 2021 Verizon Data Breach Investigations Report, ransomware is now the third most common cyber threat globally. The good news is that there are several steps organizations can take to defend themselves against these types of attacks better.
Jeff and Rex first emphasize the importance of training for employees. Humans are often the weakest link when it comes to ransomware attacks, so organizations need to proactively safeguard themselves by helping their people better understand what to look for. Second, grow your network of expert services and systems, including an emergency communication software solution that can help you quickly alert your company should an attack occur and take immediate action before it spreads further throughout your organization. Lastly, conduct a security risk assessment. Inventory all your assets, both physical and IT-related, and identify those that might be impacted.
Cyber threats are no longer only an IT concern but a workplace safety concern. Imagine if a ransomware attack took down your company’s systems. Depending on your business, that could mean the loss of access to essential programs or even an inability to operate machinery. Cyber threats are inevitable, and every organization will at some point experience one, so prepare well in advance.
How to Prepare for Civil Unrest
A final theme that continued to pop up throughout GSX 2021 included civil unrest. According to the Global Peace Index 2021, civil unrest increased globally by 10 percent during 2020, with nearly 15,000 demonstrations. These demonstrations can potentially impact entire cities, shutting down streets, causing significant traffic delays, and in some instances, even leading to violence.
In the session, “Protecting Public Buildings Against Violent Civil Unrest,” a panel of speakers from the private and public sector discussed best practices for preparing a business for real-world active demonstrations. Their advice included everything from securing the perimeter of your building to establishing relationships with law enforcement and defining emergency lockdown procedures. Daryle Hernandez, a security director with the U.S. Department of Homeland Security, also advised locking all building doors from the outside and designating a specific entrance for employees and staff to use.
But each piece of advice centered around the importance of planning ahead. Civil unrest and active demonstrations can be unpredictable, but having a plan in place before an event will allow you to ensure a timely response that keeps your business and your people safe. Your emergency response plan should include whom to contact, the appropriate evacuation route out of your building, how to mitigate risk to your building and your employees, and detailed communication procedures to follow during and after a demonstration occurs. Communication is perhaps the most critical part of your plan. You need to consider what your message will entail, how the information will be delivered and received, and which channels you’ll use to reach your employees.
Looking Ahead: What’s Next for the Global Security Community
As businesses continue to navigate the pandemic and the changing workplace, the role of security and safety will also evolve. Leaders will find themselves dealing with more sophisticated threats, and keeping employees safe and out of harm’s way will be a challenge. The legacy tools and technologies we once relied upon to help us do our jobs will no longer be sufficient, especially for emergency response efforts.
Instead, organizations will need modern tools that help them respond to nearby threats in real-time. AlertMedia’s multichannel, two-way emergency communication software combined with our Global Threat Intelligence helps keep employees safe, informed, and connected during any critical event. Learn more by requesting a live demo.