Lessons for 2021
On the basis that normality is yet to return for some time, with Covid still at large and Brexit slowly progressing, what do we need to be doing as security professionals this year?
Firstly, let’s consider the risk climate. The latest crime statistics for England and Wales shows a 15% fall in thefts in the year to June 2020, but a 3% increase in violence against the person, and homicides (the latter does not include the 39 victims of the tragic Grays lorry incident). Reflecting this, organisations should be putting their focus on the safety of their people, many of whom are working from home, in under-staffed offices, or even on their own in situations that are now more precarious as a result.
Separately, there has been a huge increase in cyber-attacks in the past year, with a 715% year-on-year increase in ransomware attacks. The increase in wider cyber security attacks may be down to the spare time that many now have in which to conduct these attacks, and bad actors working on behalf of rogue nations. Many are the work of opportunistic criminals taking advantage of organisations that, in their rush to digitise operations during the pandemic, have adopted poorly-designed systems that leave them exposed to attack.
Security professionals should focus on three considerations in 2021 and it will come as no surprise to regular readers that they build on arguments I have made throughout 2020:
1. Recognise the risk
Risk is climbing the corporate agenda and should rightly be an issue for the Board, as the industry has argued for many years. There is clear evidence that firms are now redesigning supply chains, systems and processes to better address ‘Just in Case’ scenarios, instead of focusing solely on ‘Just in Time’. Security Managers should leverage their senior executives’ renewed interest in risk to build resilience and preparedness across their organisations with the right combination of technology, people and processes. Protecting people, data and reputations is more important than ever before.
2. Trust in technology
Consider how you can further digitise your security – but doing so correctly, with the appropriate protection in place to ensure systems do not invite hackers. As I have written before, most firms with even basic electronic security systems already have the basis on which advanced, information-lead systems can be built. These will allow remote monitoring, management and even maintenance and can provide highly-valuable information that supports business decisions, delivers greater efficiencies and, yes, saves money. Turn the security eco-system into an asset, not a cost.
3. Move with agility
If the pandemic taught us anything, it is that agility offers the best way for businesses to adapt to new situations and manage threats. It involves speedy decision making, placing trust in those across an organisation and, crucially, empowering them to make decisions. It also requires the rapid deployment of systems and procedures, and regular assessment of how these can be improved based on the insight that they provide. It’s about being fleet-of-foot, not flat-footed. Therefore, think agility when building a system, and design out complexity where possible.
In summary, tier four restrictions – or even a rumoured full national lockdown – can still be an enabler for education, infrastructure and commercial organisations to rethink their strategy, to accelerate projects, digitisation and investment. They can do this unencumbered by the normal complications of daily work, students and employees, allowing upgrades and refits to proceed at speed. Working in partnership with our customers, we in the security industry have a key role in helping to rebuild this Brave New World. 2021 is the year of unlimited thinking, breaking those old chains and daring to succeed.
I wish you all a Happy, Safe and Prosperous New Year!