Global & Digital Comprehensive Security Blog

How to Navigate an Increasingly Complex Global Threat Environment

Written by Global Guardian Team | Dec 21, 2022 4:07:26 PM

Preparation is critical if companies and individuals are to have better outcomes in the face of heightened risks.

 

The global threat environment has turned increasingly complex. The past year alone has been dominated by a pandemic, a major war, a rise in violent crime, destructive natural disasters, rampant cybercrime, and the possibility of a recession that could further accelerate the current pace of layoffs. Preparation is critical for companies and individuals to have better outcomes in the face of such challenges.

“All of us—security professionals, HR directors—should be thinking in terms of worst case and understand what that means; understand what the second, third, fourth-order effects are; and prepare for it and not be surprised,” said Global Guardian President and CEO Dale Buckner during a webinar on December 14. “As we look toward 2023, we don’t think it gets less complicated,” he added.

As a result, he said, the onus is on human resources and security executives to communicate their concerns about these challenges to the C-suite.

A Perfect Storm

Michael Ballard, director of intelligence at Global Guardian, cited the presence of the ingredients of a “perfect storm”—the war in Ukraine which has driven up energy prices, growing inflation, and the possibility that China may try and take Taiwan by force, which would cause a massive disruption to the world’s major supply chains and economy. Further, Buckner said, as the West decouples from Russia and China, the impact of this decoupling will be a top concern for executives.

"While 65% of those surveyed reported an increase in the number of security threats faced by their organizations compared to in 2019, 41% said most of their employees would not know what to do in case of an emergency."

Global Guardian’s 2022 Global Safety and Security Study—a survey of security and HR executives at large U.S. companies—found that even as the threat landscape has become more complex, most corporate employees are unprepared to face the threats. While 65% of those surveyed reported an increase in the number of security threats faced by their organizations compared to in 2019, 41% said most of their employees would not know what to do in case of an emergency. The survey’s results “validated what we’re feeling, what we’re seeing, and how we are operating,” said Buckner. Fifty-eight percent of companies surveyed said they had expanded their security budgets in the past year in response to the risks.

The Intersectionality of Risks

In her role as vice president of Global Security and Resilience (CSO) at Starbucks Coffee Company, Cheryl Steele is focused on two top enterprise-level risks: physical security and business continuity.

Discussing what she described as the “intersectionality of risks,” Steele explained that a cyber breach would impact brand reputation as well as a company’s operations, and supply chain disruptions would affect the health of a business as well as customer experience. The challenge, Steele said, is identifying the knock-on effects of risks to a business and developing a “proactive, foot-forward preparedness posture.”

“As we all know, time is not your friend when you are facing a crisis.”

Steele said that while it is virtually impossible to develop specific response plans to what are a wide variety of disruption scenarios, the answer is two-fold: (1) to develop “guardrails,” identifying core principles a company wants to hold itself to if a risk materializes, and (2) have clarity on who the critical decision makers are in a crisis response. “As we all know, time is not your friend when you are facing a crisis,” she said.

Economic Challenges

Steele discussed how “inflationary pressures”—rising rents, higher energy prices, the scarcity of jobs, etc.—could create social unrest. “All of these show up in not only geopolitical ways, but also in deeply personal ways,” she said, noting how food insecurity and social inequities could be heightened.

The U.S. tech sector has seen massive layoffs over the past few months. From Amazon to Meta to Twitter, thousands have lost their jobs. These layoffs have come amid concerns about a looming recession. “Looking at 2023, economic challenges and the potential of recession are top of mind,” said Buckner. He predicted that a recession would affect each part of the world differently. Economic carnage, disruption of supply chains, and mass layoffs would result in “lots of second [and] third-order effects,” he said. 

As the number of layoffs grows so too does the likelihood of hostile terminations and workplace violence. Global Guardian helps its clients address these risks by flagging a terminated employee if they have made threats, placing guards on site to deter an attack, and monitoring the former employee’s social media accounts for threats made toward their former employer, said Ballard. 

Security Challenges

Along with workplace violence, violent crime and geopolitical tensions are increasingly on the radar of corporate executives. In the survey commissioned by Global Guardian, 46% of respondents highlighted geopolitical tensions as most concerning.

“Clearly, if you are in that seat as a chief security officer and HR director, geopolitics now matter in a way they might not have,” said Buckner. “You’re going to brief your C-suite about geopolitical tensions and the effects on your business in a way that you might not have in the past.”

“Clearly, if you are in that seat as a chief security officer and HR director, geopolitics now matter in a way they might not have,” said Buckner.

Acts of violence typically occur unannounced and unexpectedly. For example, a terrorist attack in Istanbul in November that left six people dead and wounded dozens came as a surprise as the Turkish city had not seen such an attack in a few years. “This was a harsh reminder that this threat is still real; it’s still out there,” Ballard said. He advised people traveling to high-risk areas to be mindful of such risks.

Given the heightened insecurity, Buckner predicted that cases of kidnap and ransom will also increase in 2023. “We shouldn’t be surprised that desperate people are going to do desperate things,” he said. He advised HR directors and CSOs to meet with their duty of care provider’s kidnap and ransom team to gain a better understanding of what they cover and “how the playbook runs.”

Health Challenges

As the world has grappled with the pandemic, China’s government has faced major protests in response to its COVID zero policy. Ballard described the COVID zero policy as untenable, noting that it has hurt the Chinese government economically as well as politically. In a rare show of displeasure toward Xi Jinping, protesters demanded the Chinese president step down. The government has been forced to ease some restrictions in its controversial policy.

But as China opens up, it is witnessing a surge in COVID-19 infections and its health care system has become overwhelmed. “The big question mark is what’s going to happen with China,” said Ballard. Pointing to the risk of falling ill while traveling in China, he said: “You’re probably going to get stuck there for several weeks, maybe against your will…. Even if [the government] loosens restrictions, the consequences of even being a secondary contact to somebody [who is infected] could be severe.”

Ballard’s advice to businesses that have operations in China is this: anticipate staffing issues and supply chain disruptions.

“...the breadth of things we as teams and senior leaders face and the pace at which they move are not slowing down.”

While the pandemic may be showing signs of easing up in many parts of the world, Steele said, “the breadth of things we as teams and senior leaders face and the pace at which they move are not slowing down.”

Cyber Challenges

Cybercrime, particularly ransomware attacks, has grown exponentially over the past few years. The risks have been heightened as people around the world have been forced to work from home, often on inadequately secured networks as a consequence of the pandemic lockdowns. Buckner said the annual global loss from cybercrime will reach $10 trillion by 2025.

It will take a combination of policies, training, and hardware to address this challenge, said Buckner. Ultimately, he added, if companies don’t see this risk as a direct threat to both their traveling employees and their enterprise as a whole, and do not prioritize training for remote workers or ensuring the security of their networks, they will have “massive exposure.”

Taking a Stand

Companies worldwide are increasingly expected to take a stand on social issues, from global warming to marriage equality. Steele said it is important companies have clarity on their brand mission: “Who are you? What do you stand for? How does that show up? Who are your attractors and detractors?”

Any time a company takes an issue-based stand, it will face opposition from the other side. And opposition may quickly escalate to hostility. Steele said it is important that companies think through the “knock-on impacts” of their decisions. This means asking “have we done the best that we can to try and prepare for those third-order effects,” she said.

“No matter what your brand values are, it’s best to anticipate that you will find a moment of conflict on something somewhere,” said Steele. “Have you thought ahead about how you will manage through that?”

 

Key Takeaways

  • Preparation is key: Russia’s invasion of Ukraine, which appeared to take many by surprise and cost businesses billions of dollars, has shown the importance of preparation so as not to be caught off guard and ensure duty of care.
  • Response matters: Corporations are starting to develop short, medium, and long-term plans in response to the rapidly evolving threat environment. “Response matters,” Buckner said, noting that the “speed at which events occur and the decision-making that is required does not seem to be letting up.”
  • Test plans: Have a plan, but most importantly test it, said Buckner.
  • Take a hard look at providers: If gaps are discovered in plans—whether during tabletop exercises or real-world events—businesses should not hesitate to make changes. “If you can’t get your insurance provider to bend to the needs of what you need, you should consider changing them and find a platform that will,” Buckner said. “If your duty of care providers are myopic, if they can’t operate in real time… then you clearly have the wrong duty of care platform.”
  • Seek executive buy-in: The pandemic has helped focus executives’ attention on global risks. The challenge now is figuring out how to capitalize on that opportunity in a way that is respectful of a leader’s time, said Steele.

STANDING BY TO SUPPORT

The Global Guardian team is standing by to support your security requirements. To learn more about our Duty of Care membership and emergency response capabilities, complete the form below or call us at + 1 (703) 566-9463.