As public and private spaces are opening up, the need for a converged approach to cybersecurity and physical security is essential, as is integration with health measures and tech.
Since the start of the coronavirus pandemic, one thing has been clear: Protecting the health, safety, and security of individuals is increasingly challenging and a core priority for helping the US get safely back to business and back to school, as well as for a sense of well-being. And all of this amid a changing view of the future of work and the core factors for quality of life.
Early on in the urgent attempt to prevent the spread of the virus, stay-at-home mandates swept the nation as restaurants and retailers were forced to close their doors, and employees were adjusting to a new work remote/work-from-home lifestyle. As a result, several organizations, including the World Health Organization, experienced a dramatic rise in attempted cyberattacks on the workforce. The FBI reported a 400% increase in cybersecurity complaints compared with before the pandemic. Now, as both public and private spaces are opening up — and offices are inviting employees back slowly and in reduced capacity — the need for a converged approach to cybersecurity and physical security is essential, as is integration with health measures and tech.
Physical Security & Safety in a Pandemic Era
Early on in the pandemic, many businesses were vacant and therefore more susceptible to crime and theft. This spiked demand for security systems such as alarms and monitoring, especially for small and midsize businesses, including bars, restaurants, and retail.
Responsible use of facial recognition technology is also being further developed and put to use in modernized airports and for public safety and access control uses. There has been concern about people wearing masks being a barrier to effective identification. Fortunately, there are facial recognition technologies available that are not hindered by masks. The technology can still verify an individual’s credentials, and as a result, enable a number of contactless solutions (such as touchless sign-in and payment) and access monitoring. In addition, if an individual enters a venue, office, or store without wearing a mask, or is not wearing it correctly, facial recognition technology can be used to help detect the individual and discreetly alert staff.
Regarding personal safety, which has been affected by the pandemic, individuals are very aware of their health and safety needs and are adapting to social distancing rules. There is also increased demand for contactless access control solutions. For example, pre-COVID, many employees would be granted access to their office building by a simple key fob or key card. However, post-COVID, this won’t be enough. In fact, many office buildings already have been experimenting with access control technology that prevalidates individuals who are permitted to enter the building, utilizes mobile phones, and can also ensure that capacity limits are being followed.
Product development is underway for integration of security and health technology, including access control systems that combine functionality of identity verification and temperature checks. We are also rapidly seeing this with multipurpose use of video technology, across the spectrum of surveillance for threat detection, temperature checks, and capacity counts. While these are effective steps for this phase, to establish large-scale reopenings, real-time testing needs to be deployed pervasively while work continues on producing a safe vaccine and distribution process.
Rethinking Cybersecurity for Employees: Rise of Vishing Fraud
As professional workers continue to do their jobs remotely, even as offices are reopening, bad actors have been clever during these COVID times with tailored campaigns designed to prey on consumers’ increasing vulnerability. Recently, the FBI and the US Cybersecurity Infrastructure Security Agency (CISA) issued an alert regarding vishing (voice phishing) scams aimed at workers. Here’s a quick look at how vishing works:
First, a bad actor compiles every bit of information he or she can on an employee via public website information and social media. Next, that person calls the employee pretending to be an IT staff member with some excuse about troubleshooting an issue and subsequently ask the staff member to use a new — and fake — virtual private network (VPN) page to access company servers. Ultimately, if an employee obliges, this provides the fraudster credentials and access to private information.
There are a number of actions an organization can take to prevent social engineering attacks like this, including but not limited to employee software that can actively scan and monitor for unauthorized access and anomalous activity. Above all else, employees must be educated on these new threats, get training on how to spot malicious access attempts, and be provided clear instruction on how to flag them via the proper channels.
Cybersecurity, Physical Security, and Health Tech: The Pandemic Trio
One of the biggest takeaways for the security community as we continue to emerge through the pandemic is that cybersecurity along with physical security and health tech safety must be prioritized together. Industry professionals have to be wary of increasingly sophisticated cybersecurity threats, and quickly deploy proper physical and health safety protections and solutions that will address all equally and with strong collaboration.
In the last four years, this trend of organizational collaboration emerged due to increasingly pervasive connectivity and Internet of Things-enabled devices. Now with health issues being a long-term, front-burner priority, this will further stimulate the need for cross-departmental communications and a command center approach. Physical security, facilities, operational technology, IT, and HR professionals have a core essential role to take the lead to ensure the safety of employees, customers, and the public.
Will Wise is Group Vice President, Security Events, at Reed Exhibitions. He oversees ISC Security Events, ISCnews.com, ITS America Events, CNP/CardNotPresent.com, Natural Disaster & Emergency Management Expo, and G2E Events and G2E Insider. View Full Bio