I still believe insider threat is one of the most misunderstood and overlooked threats to many businesses. Companies spend vast amounts on CCTV, baseline physical security measures such as manned guarding, but fail to manage and adequately educate workforce on insider threat and fail to implement appropriate measures to mitigate the threat.
Employees are able to access company data with relative ease, they have the ability to use plug and play devices and removable pen drives, make this even easier, especially when employees can enter and exit a place of work without being screened.
IT assets without restrictions are an issue and are more common than one may think, with many people still working from the comfort of their homes and without other employees monitoring movements and lack of capable guardianship in present, all in favour of an employee looking to manipulate data if they are disgruntled, looking to leave in the future and leverage employability with a competitor perhaps.
I see the event market picking up again in the GCC region and I believe this will improve the requirements for manned guarding services. Security is usually left to manage social distancing, so additional guards are likely going to be scoped in to manage these measures, especially once face masks become a thing of the past.
Ransomware will get worse and worse, with new twists, data stealing prior to encryption, malware packaging with other threats and very specific targeting of businesses.
By accessing the accounts or login credentials of employees at a smaller company through malware or phishing attacks, cybercriminals can impersonate that third party and target a larger company’s data, systems or employees. Again, highlighting the insider threat I mentioned earlier.
The past 12 months have been tough, tough for companies and freelancers, especially in the event industry. This is hard to measure, I have witnessed standards remain the same, or decrease, this is due to companies wishing to save money in hard times.
This extends to not only clients, but security companies, employing even poorer skilled personnel, cutting back on office and project management staff, meaning projects are inadequately managed and manned.
Notably, clients are not procuring the appropriately skilled, licensed and experienced security provider, meaning that in the long run, they are not only putting themselves at risk, but both employees and members of the general public too.
On a new and welcome change, many of the highly experienced EP operators whom were in Afghanistan for example, have found themselves out of work and are now venturing into other facets of the industry, I know, because I am lucky enough to have many in my team, which has not only allowed them to hone new skills, but improve the knowledge of the team collectively, which is hugely positive.
I can imagine that hostile environment operators will find a lot of freelance mid-management roles in the region within major events, such as the F1 and Qatar World Cup 2022. Many may, in fact, go and work in other locations where hostile environment work is still available and also perhaps within a corporate setting.
Adam Green has 20 years of ”real world” practical security experience within corporate environments & high-profile event security management in Europe, Australia, Asia, Africa and North & South America, having lived and worked extensively in Asia (West), Europe and Australia.
For more information, visit: www.adzgreen.com
This article was originally published in the December 2021 edition of International Security Journal. Pick up your FREE digital edition here