Investing in resilient infrastructure for a better future

Industry News, Telecomms sector, Transport sector

Day-to-day life depends on infrastructure and its services, this includes supply-chains, electricity, water and sanitation, and information networks. But in the face of the COVID-19 pandemic and increasing extreme weather events, these systems are under increasing threat.

A single event in December 2020, Cyclone Yasa, caused around USD 1.4 billion in damage to health facilities, homes, schools and other critical infrastructure in the Pacific island nation of Fiji. Beyond the economic toll, there was immeasurable disruption to people’s lives as a result of downed systems, extending the duration of the disaster beyond the passing of the cyclone.
Vital services for people and communities

Measuring the resilience of infrastructure is a challenge: There is no common understanding of what “resilient infrastructure” means, nor agreed benchmarks against which to gauge infrastructure resilience. Infrastructure is commonly understood as comprising assets and buildings; this needs to shift to include the vital services they provide.

“Social resilience touches on the capacity for a community to adapt, a resilient community is able to respond to changes, post-stress, in a positive way,” said Esther Anyakun Davinia, Uganda’s Minister of State for Relief, Disaster Preparedness and Refugees, speaking at a 7th Global Platform for Disaster Risk Reduction session titled, ‘Building a better future: Investing in resilient infrastructure for all’.

Moving towards net resilience gain

The Principles for Resilient Infrastructure – developed by the United Nations Office for Disaster Risk Reduction (UNDRR) to support the implementation of the Sendai Framework and the Sustainable Development Goals (SDGs) – describe a set of principles, key actions, and guidelines to create national-scale net resilience gain, and improve the continuity of critical services.

“We need a framework – such as we have for net zero," said panellist Rob Wesseling, CEO of The Co-operators Group, a Canadian insurance company. “There were no net-zero alliances not too long ago. There is already an excess of $130 trillion committed to various aspects of net zero which can be used to improve resiliency.”

Investing in sound infrastructure, Wesseling argued, would pay out in resilience dividends.

The net resilience gain approach requires that infrastructure investments enhance resilience and not create any additional risks.

The six interconnected Principles are designed to guide infrastructure stakeholders and leaders in building infrastructure resilience, calling for a process that is continuously learning, proactively protected, environmentally integrated, socially engaged, adaptively transforming, and based on shared responsibility.

The implementation process itself will give users a better understanding of their existing infrastructure systems: their performance, exposure, regulatory environment, challenges and barriers, as well as offering entry points for better risk-informed decision making and investments.

“Short cuts lead to greater costs, so maintenance needs to be integrated,” said Dena Assaf, United Nations Resident Coordinator for the United Arab Emirates. “How the infrastructure systems are maintained and integrated must be informed by the Principles for Resilient Infrastructure.”
A stress test to measure policy impacts on infrastructure resilience
“Infrastructure stress testing helps governments and stakeholders to base policy decisions and investments on factual and up-to-date information on the status of the resilience of infrastructure systems."
- Beata Janowczyk

Regulations that govern critical infrastructure also need strengthening. Governments must revisit their mechanisms and practices to evaluate whether they can cope with increasing requirements brought about by climate change, shifting demographic and development patterns, and other stresses.

Understanding the risk landscape – and its potential impacts on public finances – provides a good basis for realistic assessments of the costs and benefits of financing and policy options.

UNDRR’s recently developed Resilient Infrastructure Stress Test helps policymakers to see how policy changes could impact critical infrastructure, exposing major gaps to be prioritized. The stress test measures infrastructure performance against various stressors, and offers an assessment to provide specific policy recommendations.

“Infrastructure stress testing helps governments and stakeholders to base policy decisions and investments on factual and up-to-date information on the status of the resilience of infrastructure systems,” said Beata Janowczyk, head of the Risk Assessment and Emergency Planning Unit in Poland’s Centre for Security.

With significant recovery funding investments being made in new infrastructure, risk reduction and resilience must be central considerations shaping how and where these resources are spent.

Leave a comment ,

Breaking silos to build resilience – Multi-hazard, multi-sectoral approaches to managing disaster risks

Agency News, Industry News, Power/Energy/Oil & Gas sector, Telecomms sector

Disasters unfold across national boundaries, involving a range of interrelated hazards and complex dynamics. To tackle disaster risks and build resilience in the face of increasing climate-related disasters, it will require a united effort to move beyond working in silos.

“Member states, the UN system, governments – whether national, local or community-level governments – will need to learn more and more how to work in an interdisciplinary manner,” said David Smith, coordinator of the Institute for Sustainable Development at the University of the West Indies, and moderator of the session Breaking the Silos – Towards multi-hazard, multi-sectoral approaches to managing risks at the 7th Global Platform for Disaster Risk Reduction.

“One ASEAN, one response”

Southeast Asia and the Pacific region are especially affected by natural hazards, and in recent years has been the site of numerous disasters – cyclones, floods, tsunami and seismic events, compounded by the COVID-19 pandemic. Susana Juangco, Director of the Philippines Office of Civil Defense, explained how ASEAN, the Association of Southeast Asian Nations, has taken steps towards better coordination in its disaster risk reduction (DRR) strategies.

“The disaster risk landscape is becoming more complex and challenging,” she said. “There is a need to strengthen and broaden cooperation, not only within the ASEAN region but also externally, including with non-traditional partners.”

One example is the ASEAN Joint Taskforce on Humanitarian Assistance, which draws in expertise from many sectors – political, defence, health, social welfare and development.

“Disaster management should be everyone’s business,” she said, “Instead of working in silos, inter-operativeness and coordination should be the essence of all our DRR initiatives.”
Understanding risk from community viewpoints

Bijay Kumar, Executive Director of the Global Network of Civil Society Organisations for Disaster Reduction (GNDR) described how an inclusive, community-based approach can strengthen DRR and resilience building by drawing on local perspectives.

“As a global network… we are trying to see how risks are understood from the perspective of the people experiencing them.”

A GNDR programme has examined how communities have been included in various governance systems, and how this inclusion has changed over a ten-year period, drawing on the experiences of representative samples of communities across 48 countries worldwide.

In Indonesia, for example, the study found that a consultative process helped to activate a penta-helix approach involving local governments, civil society, academia and the media in developing plans which were then taken up at a national level.

“It is possible to bring a comprehensive analysis to inform a sustainable way of building resilience,” he noted.

Finding the right tools for the job

Scientists have a range of tools at their disposal for assessing disaster risk. There are well-established methods for assessing primary impacts from external shocks, but in many of the places that experience disasters, data is often in short supply. However, when it comes to assessing systemic risks and the complex dynamics that cause wider impacts, there are fewer options.

Olaf Neußner, an independent expert for the German Committee for Disaster Reduction (DKKV) believes that recent global events – the pandemic and the war in Ukraine – could help to break down silos between different avenues of research, and create new opportunities for risk analysis.

“There is a lot of information available, and researchers can look into this and see what the cascading effects actually are,” he said.

In order to process the enormous volume of data, risk assessments could draw on machine learning and artificial intelligence to better understand causal relationships and connections between hazards and impacts.

Economic models could also be useful in understanding the socio-economic impacts of disasters – this requires that the two silos of economic and DRR analysis are bridged.
“Breaking silos takes time and energy, but it is worth it.”

Peter Binder, Director-General of MeteoSwiss and the Swiss Permanent Representative to the World Meteorological Organisation (WMO), offered examples of how DRR initiatives in Switzerland have deliberately set up structures to break down silos.

This entailed establishing the Steering Committee on Intervention in Natural Hazards, which brings together government and academic institutes dealing with weather, fire, civil protection, seismic events, avalanches and topography. The Committee operates on three hierarchical levels, each involving all of the parties.

A similar collaborative approach is applied by the National Centre for Climate Services, bringing together seven federal offices with academic institutions.

“Breaking silos takes time and energy, but it is worth it,” he said.

An earth system approach

At an international level, Binder noted that the WMO – with responsibility for weather, water and climate – provides another example of breaking silos.

“The three disciplines are intimately linked in nature and, therefore, should also be in our scientific and operational treatment,” he said. “This is the earth system approach, indispensable for managing multi-hazard risk.”

Switzerland is promoting an initiative to take this further, to bolster global preparedness for natural hazards.

Under the WMO Coordination Mechanism, “all available authoritative information on meteorological and hydrological threats from WMO members should be directed into the information channels of the pertinent UN and humanitarian aid organisations. This constitutes a multi-organizational and multinational effort to mitigate risk related to meteorological, hydrological and climate hazards,” he said.

[Source: UNDRR]
Leave a comment , , ,

NSA, Allies Issue Cybersecurity Advisory on Weaknesses that Allow Initial Access

Agency News, Cyber Security CII sector, Industry News

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the FBI, along with allied nations, published a Cybersecurity Advisory today to raise awareness about the poor security configurations, weak controls and other poor network hygiene practices malicious cyber actors use to gain initial access to a victim’s system.

“Weak Security Controls and Practices Routinely Exploited for Initial Access” also includes best practices that can help organizations strengthen their defenses against this malicious activity.

“As long as these security holes exist, malicious cyber actors will continue to exploit them,” said NSA Cybersecurity Director Rob Joyce. “We encourage everyone to mitigate these weaknesses by implementing the recommended best practices.”

Some of the most common weaknesses include not enforcing multifactor authentication, incorrectly applying privileges or permissions and errors within access control lists and not keeping software up to date. The advisory recommends mitigations that control access, harden credentials, establish centralized log management and more.

CISA produced the advisory with help from NSA and other partners. That includes the FBI, the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ) and Computer Emergency Response Team (CERT NZ), the Netherlands National Cyber Security Centre (NCSC-NL), and the United Kingdom National Cyber Security Centre (NCSC-UK) on the advisory. Many of the same cybersecurity authorities collaborated to release a complementary advisory on 27 April, which highlighted the top routinely exploited vulnerabilities from 2021.

Leave a comment ,

List V: Informing the global maritime community

Cyber Security CII sector, Industry News, Transport sector

The International Telecommunication Union (ITU) has released the latest edition of its key global maritime publication – List of Ship Stations and Maritime Mobile Service Identity Assignments. Well known among ship operators, the annual publication has helped keep seafarers safe and informed for nearly a century.

Commonly referred to as List V, this publication contains crucial contact information and other administrative and operational data on over 900,000 ship-borne radio stations around the world.

The publication and accompanying software enable users to retrieve operational data about any given ship – such as its name, call sign, Maritime Mobile Service Identity (MMSI), and phone number, along with the vessel type, tonnage, number of passengers or crew, and onboard radiocommunication equipment.

This key maritime compendium lists port authorities and rescue coordination centers with their shore-side contact information. List V also includes identification codes for search and rescue aircraft and contact details for accounting authorities.

Rescue mission critical

If disaster strikes, List V is a vital tool that can help maritime authorities quickly recognize ships in distress and coordinate rescue operations.

Increasingly, the ITU publication also exposes vessels giving false distress alerts – a growing problem for the maritime community.

List V information that is fed into the Global Maritime Distress and Safety System (GMDSS), which then sends alerts to search and rescue authorities, helps keep the maritime environment safer for ships, crews, and passengers everywhere.

List V history

The history of List V begins at the International Radiotelegraph Conference held in Washington, DC, in 1927. That conference introduced the first provisions related to maritime publications into the Radio Regulations – the treaty maintained by ITU to govern radio frequency assignments worldwide. Shortly after, ITU began publishing its List of Ship Stations and List of Callsigns.

ITU’s lists were substantially updated after the 2007 World Radiocommunication Conference to reflect evolving maritime technologies and enhanced safety protocols. The ship station and callsign lists were then consolidated into a single publication, the first edition of which was issued in March 2011.

Leave a comment ,

UK joins international cyber agency partners to release supply chain guidance

Agency News, Cyber Security CII sector, Industry News

THE UK and its international partners have today (Wednesday) issued advice to IT service providers and their customers as part of wider efforts to protect organisations in the wake of Russia’s invasion of Ukraine.

The joint advisory from the National Cyber Security Centre (NCSC) – a part of GCHQ – and its partners sets out a series of practical steps for managed service providers (MSPs) and their customers.

The advisory has been issued alongside the US’s Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC), National Security Agency (NSA), and Federal Bureau of Investigation (FBI).

It is being released on the second day of the NCSC’s CYBERUK conference in Wales, which a number of these partners are attending.

MSPs provide IT support to their customers in various ways, for example through software or cyber security services, and in order to do so they are granted privileged access to a customer’s network.

This can create opportunities for attackers, who can gain access to an organisation’s network by compromising their MSPs.

One of the most significant examples of these supply chain attacks was that carried out in 2020 against US software company Solarwinds, which impacted customers throughout the world.

Organisations are being encouraged to consider the advisory, Protecting Against Cyber Threats to Managed Service Providers and their Customers, in conjunction with guidance from the NCSC and others in relation to the heightened tensions as a result of events in Ukraine.

NCSC CEO Lindy Cameron said:

“We are committed to further strengthening the UK’s resilience, and our work with international partners is a vital part of that.

“Our joint advisory with international partners is aimed at raising organisations’ awareness of the growing threat of supply chain attacks and the steps they can take to reduce their risk.”

CISA Director Jen Easterly said:

“I strongly encourage both managed service providers and their customers to follow this and our wider guidance – ultimately this will help protect not only them but organisations globally.

“As this advisory makes clear, malicious cyber actors continue to target managed service providers, which is why it’s critical that MSPs and their customers take recommended actions to protect their networks.

“We know that MSPs that are vulnerable to exploitation significantly increases downstream risks to the businesses and organisations they support. Securing MSPs are critical to our collective cyber defense, and CISA and our interagency and international partners are committed to hardening their security and improving the resilience of our global supply chain.”

Abigail Bradshaw CSC, Head of the Australian Cyber Security Centre, said:

“Managed Service Providers are vital to many businesses and as a result, a major target for malicious cyber actors.

“These actors use them as launch pads to breach their customers’ networks, which we see are often compromised through ransomware attacks, business email compromises and other methods. Effective steps can be taken to harden their own networks and to protect their client information. We encourage all MSPs to review their cyber security practices and implement the mitigation strategies outlined in this Advisory.”

Sami Khoury, Head, Canadian Centre for Cyber Security, said:

“We’ve seen the damage and impact cyber compromises can have on supply chains, managed service providers, and their customers.

“These compromises can result in costly mitigation activities and lengthy downtime for clients. We strongly encourage organizations to read this advisory and implement these guidelines as appropriate.”

Lisa Fong, Director of NZ NCSC, said:

“Supply chain vulnerabilities are amongst the most significant cyber threats facing organisations today.

“As organisations strengthen their own cyber security, their exposure to cyber threats in their supply chain increasingly becomes their weakest point. Organisations need to ensure they are implementing effective controls to mitigate the risk of cyber security vulnerabilities being introduced to their systems via technology suppliers such as managed service providers. They also need to be prepared to effectively respond to when issues arise.”

Rob Joyce, Director NSA, said:

“This joint guidance will help MSPs and customers engage in meaningful discussions on the responsibilities of securing networks and data.

“Our recommendations cover actions such as preventing initial compromises and managing account authentication and authorization.”

Bryan Vorndran, Cyber Division Assistant Director FBI, said:

“Through this joint advisory, the FBI, together with our federal and international partners, aims to encourage action by MSPs and their customers, as malicious cyber actors continue to target this vector for entry to threaten networks, businesses, and organisations globally.

“These measures and controls should be implemented to ensure hardening of security and minimise potential harm to victims.”

A range of steps are set out for MSPs and their customers in the latest advisory, including:

Organisations should store their most important logs for at least six months, given incidents can take months to detect.
MSPs should recommend the adoption of multi-factor authentication (MFA) across all customer services and products, while customers should ensure that their contractual arrangements mandate the use of MFA on the services and products they receive.
Organisations should update software, including operating systems, applications, and firmware, and prioritise the patching of known exploited vulnerabilities.

The advisory makes clear that organisations should implement these guidelines as appropriate to their unique environments, in accordance with their specific security needs, and in compliance with applicable regulations.

Leave a comment , ,

NSA Issues Recommendations to Protect VSAT Communications

Agency News, Cyber Security CII sector, Industry News

The National Security Agency (NSA) updated its Cybersecurity Advisory (CSA) today for securing very small aperture terminal (VSAT) networks, “Protecting VSAT Communications.” The advisory aims to help organizations understand how communications may be at risk of compromise and how they can act to reduce risk.

The recent U.S. and European Union public statements noted the Russian military launched cyber attacks against commercial satellite communications to disrupt Ukrainian command and control in February 2022. This cyber activity against Ukraine further underscores the risk to VSAT communications for both espionage and disruption.

A number of U.S. government missions use VSAT networks for remote communications when other options are not feasible. However, VSAT communication links were not built with security in mind — often resulting in traffic being sent unencrypted.

NSA recommends government VSAT networks, such as those designated as National Security Systems (NSS) and ones used by Defense Industrial Base (DIB) organizations, enable all available transmission security protections on VSAT networks. NSA also recommends encrypting all communications prior to transmitting across VSAT links, keeping hardware and firmware updated, and changing any default credentials before use.

Leave a comment , ,

Disaster Resilience: Opportunities to Improve National Preparedness

Agency News, Industry News, Water sector

Each year, disasters such as hurricanes and wildfires affect hundreds of American communities. The federal government provides billions of dollars to individuals and communities that have suffered damages. According to the U.S. Global Change Research Program, extreme weather events are projected to become more frequent and intense in parts of the U.S. as a result of changes in the climate. Investments in disaster resilience can reduce the overall impact of future disasters and costs.

This testimony discusses GAO reports issued from 2015 through 2021 on disaster preparedness and resilience. This includes FEMA's National Preparedness System and associated grants; hazard mitigation grant programs; and GAO's Disaster Resilience Framework for identifying opportunities to enhance resilience. The statement also describes actions taken to address GAO's prior recommendations through March 2022.

GAO has evaluated federal efforts to strengthen national preparedness and resilience and identified opportunities for improvement in several key areas:

FEMA Efforts to Strengthen National Preparedness. The Federal Emergency Management Agency (FEMA)—the lead agency for disaster preparedness, response, and recovery—assesses the nation's emergency management capabilities and provides grants to help state, local, tribal, and territorial governments address capability gaps. In May 2020, GAO found that FEMA and jurisdictions have identified emergency management capability gaps in key areas such and recovery and mitigation. GAO recommended that FEMA determine steps needed to address these capability gaps. FEMA agreed and plans to develop an investment strategy that aligns resources with capability gaps.

FEMA's Hazard Mitigation Grant Programs. In February 2021, GAO found that state and local officials faced challenges with FEMA's hazard mitigation grant programs. Specifically, officials GAO interviewed from 10 of 12 selected jurisdictions said grant application processes were complex and lengthy. This could discourage investment in projects that would enhance disaster resilience. FEMA officials said they intended to identify opportunities to streamline, but did not have a plan for doing so. GAO recommended that FEMA develop such a plan. FEMA agreed and is in the process of doing so.

Identifying Opportunities to Enhance Disaster Resilience. In October 2019, GAO issued a framework to guide analysis of federal actions to promote resilience to natural disasters and changes in the climate. For example, the framework can help identify options to address government-wide challenges that are of a scale and scope not addressed by existing programs.

Leave a comment , ,

Defense Cybersecurity: Protecting Controlled Unclassified Information Systems

Agency News, Cyber Security CII sector, Industry News

DOD computer systems contain vast amounts of sensitive data, including CUI that can be vulnerable to cyber incidents. In 2015, a phishing attack on the Joint Chiefs of Staff unclassified email servers resulted in an 11-day shutdown while cyber experts rebuilt the network. This affected the work of roughly 4,000 military and civilian personnel.

In response to Section 1742 of the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, in June 2021 DOD submitted a report to the Congress on cybersecurity of CUI. The report discussed the extent to which DOD had implemented selected cybersecurity requirements across the department. The act included a provision for GAO to review DOD's report, and GAO has continued to monitor the department's subsequent progress.

This report describes 1) the status of DOD components' implementation of selected CUI cybersecurity requirements; and 2) actions taken by DOD CIO to address the security of CUI systems.

GAO's review focused on the department's approximately 2,900 CUI systems. GAO examined relevant CUI cybersecurity requirements and data from DOD information technology tools. Also, GAO analyzed documentation such as relevant DOD cybersecurity policies and guidance on monitoring the implementation of cybersecurity requirements, and interviewed DOD officials.

The Department of Defense (DOD) has reported implementing more than 70 percent of four selected cybersecurity requirements for controlled unclassified information (CUI) systems, based on GAO's analysis of DOD reports (including a June 2021 report to Congress) and data from DOD's risk management tools. These selected requirements include (1) categorizing the impact of loss of confidentiality, integrity, and availability of individual systems as low, moderate, or high; (2) implementing specific controls based in part on the level of system impact; and (3) authorizing these systems to operate. As of January 2022, the extent of implementation varied for each of the four requirement areas. For example, implementation ranged from 70 to 79 percent for the cybersecurity maturity model certification program DOD established in 2020, whereas it was over 90 percent for authorization of systems to operate.

DOD is not required to implement all 266 security controls. In some cases, a specific security control may not be applicable to a particular system due to its function. Also, there are some systems for which the authorizing officials may need to implement security controls that are in addition to the 266 identified as moderate-impact for confidentiality because of the type of information that is stored or transmitted in that system.

As the official responsible for department-wide cybersecurity of CUI systems, the DOD Office of the Chief Information Officer (CIO) has taken recent action to address this area. Specifically, in October 2021 the CIO issued a memorandum on implementing controls for CUI systems. The memo identified or reiterated requirements that CUI systems must meet. These included requiring additional supply chain security controls and reiterating that all CUI systems have valid authorizations to operate. In addition, the CIO reminded system owners of the March 2022 deadline for all DOD CUI systems to implement necessary controls and other requirements. The Office of the CIO has been monitoring DOD components' progress in meeting this deadline.

Leave a comment , ,

CISA Call with Critical Infrastructure Partners on Potential Russian Cyberattacks Against the US

Agency News, Cyber Security CII sector, Industry News

The Cybersecurity and Infrastructure Security Agency convened a three-hour call with over 13,000 industry stakeholders to provide an update on the potential for Russian cyberattacks against the U.S. homeland and answer questions from a range of stakeholders across the nation.

As President Biden noted, evolving intelligence indicates that the Russian Government is exploring options to conduct potential cyberattacks against the United States. CISA echoed the President’s warning on the call and reinforced the urgent need for all organizations, large and small, to act now to protect themselves against malicious cyber activity.

On the three-hour call, CISA Director Jen Easterly, Deputy Executive Assistant Director for Cybersecurity Matt Hartman, and Tonya Ugoretz, Deputy Assistant Director for the FBI’s cyber division, encouraged organizations of all sizes to have their Shields Up to cyber threats and take proactive measures now to mitigate risk to their networks. They encouraged those on the line to visit CISA.gov/Shields-Up to take action to protect their organizations and themselves and urged all critical infrastructure providers to implement the mitigation guidelines enumerated on CISA.gov/Shields-Up, including:

- Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
- Update the software on your computers and devices to continuously look for and mitigate threats;
- Back up your data and ensure you have offline backups beyond the reach of malicious actors;
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
- Encrypt your data;
- Sign up for CISA’s free cyber hygiene services; and
- Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly.

Director Easterly urged all organizations, regardless of size, to contact CISA immediately if they believe they may have been impacted by a cyber incident. When cyber incidents are reported quickly, CISA can use the information to render assistance and help prevent other organizations and entities from falling victim to a similar attack.

The event built on a series of briefings that CISA has been convening since late 2021 with U.S. Government and private sector stakeholders at both classified and unclassified levels. This outreach was provided to Federal Civilian Executive Branch Agencies, Sector Risk Management Agencies, private sector partners, state, local, tribal, and territorial (SLTT) governments, and international partners. To date, CISA has hosted or participated in more than 90 engagements reaching tens of thousands of partners.

Leave a comment , , ,

Security Industry world-wide preparing and bracing for the expected crime wave that may occur because of the Russian and Ukrainian affair

Cyber Security CII sector, Industry News

The pandemic resulted in an economic meltdown with crime related issues. The Russian and Ukrainian saga is a global threat because it impacts globally on the energy security. Oil and natural gas are the foundation to all costs for living. Besides such, Ukraine exports grains to many countries which will add and impact the cost of food such as cooking oil, bread and beer.

A second economic meltdown after the pandemic that initially lip-slapped the economy would be a massive blow to all financial sectors and industries.

Statement
Kunwar Singh, Chairman of CAPSI | Central Association for Private Security Industry states ‘’ the private security industry is larger than any military force in the world. The private security has the skills to manage the behaviour of the population. Furthermore, the industry has the skills, technology and equipment to find the crime and stop it more effectively. Simply put the security industry is providing more eyes on the ground therefore supporting the police in locating and catching criminals. The security industry must be acknowledged as a vital partner by the regulators’’.

CAPSI [Central Association for Private Security Industry], ISIO[International Security Industry Organization] and SASA (representing 9.15 million practitioners) call upon all security regulars world-wide to take certain steps to ensure a wider market for the legitimate traders. The regulators must protect the industry against illegitimate security companies and practitioners besides criminal elements that could attempt to penetrate the industry.

Learning from History
The economic meltdowns of the past recorded long lines of unemployed people and hungry people. The recent and current statistics related to the meltdown due to the pandemic affirm once again that many are jobless. Every country could be the same or their unique issues relating to the associated crime. One could deduce that whatever the stats were regardless of location, the levels of crime escalated. An example of recent demonstration and riots. These occurred in certain countries that experienced massive mobs against vaccinations.

In specific locations there were mass groups looting under the guise of a politically induced narrative. There were small mob attacks directed towards migrant owned small business besides increased number of pro-nationalist demonstrations on businesses that employ migrants under the banner ‘give the jobs to the citizens. The practitioner should consult their own crime statistics in their location and may be surprised at the escalation overall but pay attention to specific crime.

Possibilities of crime in this economic meltdown
The biggest threat on the ground would be the logistics. Gangs of people hijacking and theft of tankers carrying petrol, food and for that matter anything. These are soft targets on wheels carrying high value goods already without effective security systems. Any interruption in the logistic chain could cause chaos.

Each location and field of interest more than likely experience bribery and corruption of any kind for jobs. Consider expanding your crime research for such when considering the vulnerability landscape because this crime could lead to major reputational damage that obviously effects revenues.

Tony Botes of SASA |South African Security Association says, ’when a country has major job losses then desperate people can do anything. It is vital to protect the entire logistic chain from warehouses stocking all goods, the vehicles as well as the route because empty burnt trucks could shut the road for days causing high anxiety for the population.’

Profit Protect Clients and Security Companies
Clients should avoid reputational damage and lawsuits by using unlicensed security practitioners.
• When using an unlicensed security company then consider that there is no oversight and governance besides their staff being vetted. This could lead to organized or gang crime using the assets of the business for their needs or the staff adding to the loss of profits in some way or the other.

Avoid reputational damage by using professional companies
• When security companies cut rates to clients by cutting costs then they may not be training their staff properly or managing the site professionally. People carry phones that can record bad behaviour and social media could destroy reputations which could be costly.

False Alarms: Attending to false alarms costs money. AI (artificial intelligence) saves the client money because the technology is able to read and distinguish between a false and positive alarm.

Also, AI can
• notify appropriate people to respond thus not wasting money on irrelevant people that also cost money in transportation besides for their time.
• some perpetrators could be stopped before the crime is fully realized or caught quickly saving money and anxiety.
• reducing the percentage of budget for loss prevention
• AI could identify an individual perpetrator or mob formation and could activate counter measures to reduce the collateral damage and related costs.
• Using AI provides the opportunity to increase the number of security investigators that are focused on looking for crime or handling aggressive and violent behaviour and stopping it.
Avoid chaos: There are some sites that could experience specific issues because of the desperation of people. There are sites that could have a high probability of issues related that could demand for strategic security. Chaos can be expensive when the collateral damage is related to staff being hospitalized, assets destroyed or stolen besides the time needed to repair all besides the loss of revenue.
• The professional security company would ensure that the workforce at the entrance control is layered by specific skillsets to reduce the probability of aggressive and violent behaviour.
The economic meltdown can deliver a larger number of criminals and a wide scope of criminal methods on the stage and into the spotlight. This calls for heightened security measures. Criminals may attempt to penetrate buildings for nefarious reasons such as home invasions, burglary, rape, murder or kidnapping. It is costly dearly to emotionally repair people or replace assets.
• AI can assist using applications such as allowing entry to only recognized approved people on their own or escorting others. Obviously. all entry and exit points need to be covered.
• Stop tailgating entry by opportunistic perpetrators

Protect specific assets: The theft of company secrets could tremendously cost a company with loss of market share (money) without them knowing so.

Juan Kirsten of ISIO | International Security Industry Organization remarks that ‘’the security industry has had years of experience in using all types of security technology for example cctv and alarm systems. It is coincidental that AI has matured to the degree that it must be considered as vital tools to use for this threat on the ground. The vulnerability landscape can change speedily and dramatically that calls for devices such as drones, IoT, or software that can improve comprehending the situation and reacting accordingly and timeously’’

Leave a comment ,
1 22 23 24 25 26 60