As COVID-19 vaccinations continue, companies embrace hybrid work, employees return to the office and the U.S. opens up, violence and physical threats to businesses are occurring at an unsettling, record-high pace, according to the Ontic Center for Protective Intelligence.
The study showcases the collective perspectives of physical security directors, physical security decision-makers, chief security officers, chief information officers, chief technology officers, chief information security officers and IT leaders at American companies on how physical security challenges and opportunities are unfolding in 2021 as the country emerges from the pandemic.
“Pent up economic and political frustrations marked January 6 by the Capitol riot are being unleashed after months of limited in-person interactions, mass shootings have skyrocketed and companies are experiencing an increase in physical threats as compared to the beginning of 2021,” said Fred Burton, Executive Director of the Ontic Center for Protective Intelligence. “And yet, as our study found, even as physical threats increasingly originate in the cyber world, CEOs are reluctant to believe their companies could be targets.”
Burton continued: “As the crippling of critical supply chains and infrastructure by cybercriminals earlier this year demonstrated, to keep all aspects of their business safe, with great urgency, companies must fund, integrate and unify cybersecurity and physical security intelligence, assessment, mitigation and operations across the enterprise.”
“As corporations advance the digital transformation of their physical security operations, it has never been more important to seize the opportunity to align their cybersecurity operations and infrastructure,” said Lukas Quanstrom, CEO of Ontic.
“Bringing together all threat data and intelligence in an always-on, technology-driven approach to security is the most effective way to advance business continuity in today’s increasingly hyper-connected, hyper-violent environment.”
Physical threats increase where intelligence failures occur
Of the physical threats that resulted in harm or death at companies in 2021, 49% of respondents think most or almost all could have been avoided if cybersecurity and physical security intelligence were unified so threats could be shared and actioned by cross-functional teams.
55% of physical security and IT leaders say their CEO believes training employees so they are better prepared for potential workplace violence will create a culture of fear.
26% of those surveyed say their company has never addressed the potential for workplace violence and employees would not know what to do if an active shooter entered their facilities.
74% agree that they anticipate significant conflicts between management and employees regarding health and safety protocols, as well as work-from-home policies when businesses reopen.
72% agree that their company has experienced physical security threats related to requiring employees to show proof of vaccination in order to return to the office.
Cybersecurity and physical security must be integrated
Since the beginning of 2021, 58% of security and IT leaders say their company has received or investigated one physical threat (33%), between two and five physical threats (21%), or over six physical threats (4%) per week.
Also, as a result of intelligence failures, respondents said the following incidents have occurred at their company:
- An insider abused authorized cyber access that led to property theft or supply chain damage (34%)
- An employee was threatened and/or harmed while working at company facilities (33%) or working remotely (28%)
- A former employee threatened and/or harmed current employees (25%)
- Our CEO and/or family members received threats and/or were harmed when working from their private residence or while traveling (24%)
- An active shooter event occurred at one of our locations (18%)
There is overwhelming agreement among both physical security (95% agree, including 45% who agree strongly) and IT professionals (95% agree, including 55% who agree strongly) that cybersecurity and physical security must be integrated, otherwise cyber and physical threats will be missed.
91% of respondents agree physical security needs a technology-driven industry standard for actively identifying, investigating, assessing, monitoring and managing physical security threats and 87% agree that now is the best time to invest in physical security digital transformation.