webvic-c

Technology - helping or hindering security?

Security

International security experts debated the use of technology as both a help and a hindrance to security in the COVID-19 era at a webinar organised by Outstanding Security Performance Awards (OSPAs)

Referring to this time as a “surreal time in our lives,” Mike Bluestone, director of security consulting, Corps Security, spoke about the impact of technology in two distinct stages – the first during lockdown, which has created its own set of challenges, and the second post lockdown, when things start easing.

“In the run-up to the lockdown it became clear that with many organisations and businesses compelled to vacate their premises, new strategies would be necessary, such as an increased reliance on remote monitoring and patrol solutions,” he said. A combination of remote monitoring, mobile patrols and the presence of static guards, albeit in reduced numbers, will help mitigate the impact of increased levels of organised and opportunistic crime and anti-social behaviour, particularly vital at a time when police forces are under pressure.

The use of portable devices by security personnel is another tool that will enable real time reporting of incidents and ensure appropriate alerts to the police and responders, he added.

“We have to factor in the increased risk of cyber attacks, so in vacated buildings, the integrity of server rooms, anti-flood protection, protection of calling systems and their durability will be as important as the importance of firewalls and virus-tracking software, maintaining strong SOPs, password protection etc.“

Turning to the post-lockdown scenario, he commented that there will be opportunities for security teams to use hand-held, non-contact devices to measure human temperature and help in access control, where social distancing rules may still apply.

Chris Cubbage, director and executive editor at My Security Media, Australia, commented that with technology and security the “knife cuts both ways”, highlighting the need to weigh up security and safety considerations against privacy considerations. How can authoritarian regimes use technology, for example. He also cautioned against an overreliance on technology.

Discussing technology trends, he said, “The main things we’re seeing, particularly in surveillance, are the use of apps for contact tracing; and technologies for object identification, facial recognition and voice recognition,” adding that drones and robotics are continuing to evolve very rapidly. Cyber security is a central focus, with military technology and space technology playing an increasing role here.

Mark Folmer, vice president of TrackTik, Canada, suggested that the security industry is behind the curve when it comes to digital transformation, for a variety of reasons, such as perceptions of the public and the industry, tight profit margins, and the continuing approach of many old-school firms to address service delivery issues by providing old-school solutions.

“In the pandemic became obvious that front-line security providers have their place in mitigating measures, and add value in terms of real time reporting and providing analytics to decision makers. But it also became obvious that many of these businesses hadn’t adapted to more modern or current event technology,” he said. Those who have embraced technology and new business models have been more successful in their pivot and transition to different types of services, he said. While front-line security is essentially on-site, the ability to deliver services and support from non-office locations has been beneficial in the lockdown, using remote video monitoring, supervision and deployment. However, many security providers have been unable to do that because of the technology lag, he noted.

The pandemic has meant that many business and security leaders will be more open to the potential of technology, once we get to the “new normal or the new new”, he concluded.

Monica Verman, board member and CISO of CSA Norway highlighted the need to improve cyber resilience and be prepared for cyber warfare, at a time when cyber criminals are exploiting organisational vulnerabilities and disruption due to the COVID-19 pandemic. Investing in cyber resilience is critical, she stressed. Technology and software will never be perfect and will always be abused, however much we build better code and better security.

“Detect, respond and recover are already key parts of the framework, but the one thing we need to get better at is timely detection, timely response and timely recovery to achieve cyber resilience. Time is of the essence. That’s what we need to look at when we’re talking about how we use technology, to improve the security not only of businesses but of society.

“Cyber resilience today is much more proactive than just building software which is secure,” she continued. “Responding and recovering is not about being reactive any more. It’s the difference whether you find out about a cyber attack in days or even minutes, or whether it’s weeks, months or even years.

“While technology will continue to be used for building security, it will also be used for cyber warfare. Because of the complexity of the environment today, which is so interconnected, integrated and globalised, it is not just a matter of attacking one server or one organisation. We’re talking about attacks on the whole ecosystem to the level we can have financial impact, attacks on healthcare systems, people dying. We need to talk about how we use technology to be ready for that.”

Concluding, she said we need to “anticipate chaos and be prepared. The key term is visibility, using technology for better visibility and to be able to defend against the attackers.”

For further information on OSPAs thought leadership webinars, see https://theospas.com/thought-leadership-webinars/