From cyber security risks to unlocked doors leading to unauthorized areas, to potential physical threats targeting employees and staff; businesses large and small are reminded in news stories daily of threats to organizational security and operation. INTELLEO highlights just a few of the many reasons why businesses need threat assessment training.
Sage Business Advice
Who would have thought that Chinese military strategist Sun Tzu and Al Pacino of “The Godfather” fame could offer the same wise business advice? ”Keep your friends close and your enemies closer.” That insight speaks perfectly to the numerous examples of why businesses today face both internal threats as well as external threats, and the heightened need for business threat assessment training. Threats ranging from cyber security to workplace violence are highlighted with member resources at the Association of Threat Assessment Professionals as just one example. A broad overview of general threats faced by today’s businesses is addressed by the Department of Homeland Security’s National Threat Assessment Center webpage. There are a host of informational blogs about threats to both businesses and schools/public institutions such as the U.S. Department of Education.
Depending on business type, threats can originate in a variety of ways from a business’s own employees and staff, as well as from competitors and those using technology to infiltrate for competitive advantage or to inflict crippling blows to businesses. And often the threats are commonly overlooked. Department heads, business executives, and managers are good at what they do or they would not hold the positions they hold. But how many have expertise and experience in threat assessment? Here’s just a brief snapshot of the internal and external vulnerabilities many businesses are exposed to.
Common Internal Threats
Two of the most common sources of internal threats deal with personnel issues and physical plant security. There is an increased need for employee background checks, screening and vetting to proactively head off the potential for workplace violence, potential for embezzlement, employee fraud, theft of intellectual properties among other threat sources. Some of these are highlighted in a variety of informational webpages including MakeItYourBusiness, ZDNet, and CrisisPrevention.com.
Which employees have access to your businesses’ sensitive information and data? Do you utilize redundant and failsafe practices for your computer networks? How easy or difficult is it for employees and others to gain access to proprietary information and “authorized personnel only” areas within your physical business compound? Do your employees carelessly leave sensitive passwords taped to their computers with sticky notes? Does your physical plant have proper lighting, alarm systems and other controls that limit or forbid undesired access or egress? Does your company have a “safe room” in the event of an onsite shooter? Do you conduct periodic safety drills to deal with various threat situation responses? Has your business formed and trained a company Threat Assessment Team? Has your business contacted or utilized the expertise of local law enforcement or industry experts in the areas of threat assessment and management in advance of workplace “incidents?” Has your company consulted with certified experts to deal with these and other internal threats? The importance of physical security assessment in addressing potential threats to businesses is highlighted in portions ofINTELLEO’s formal training curriculum that speaks to issues such as:
*The importance of physical security audits.
*Common problems uncovered during physical security audits.
*Lack of monitoring, maintenance, repair and utilization of security systems such as alarms and closed-circuit video monitoring equipment.
*Proper screening of employees and third-party contractors with access to a business’s physical plant.
*A lack of the development and implementation of corporate security policies and practices.
*Development and implementation of a security audit checklist.
*A top down to bottom up approach to physical security that protects both soft and hard business assets and resources as well as protection for company employees.
Common External Threats
Technology continues to play an increasingly important role in the day-to-day productive operations of businesses large and small. Unfortunately, technology is also the prime source of external threats most businesses may face. Examples and explanations of those external threats are outlined and explained in Executive Summary form in a concise document from our neighbors to the north, the Canadian Government’s Get Cyber Safe webpage. The external threats include but are not limited to:
*Distributed Denial of Service Attack
*WPA2 Handshake Vulnerabilities
Additionally, some often overlooked external threats may not seem readably apparent on the surface. They are briefly, but importantly outlined in a blog found at The Business Journal’s “Watch For These 5 External Threats.” They include, with examples and explanations:
- Increased consumer demand.
- Shifting business models.
- Increased global competition.
- Data attacks from external sources.
- Talent drain.
Who better to summarize your company’s need for threat assessment training than venerable founding father Benjamin Franklin: “An ounce of prevention is worth a pound