More than one thousand private security professionals packed the State Department last week for the Overseas Security Advisory Council’s (OSAC) annual briefing. Designed to help corporations, schools, non-profits and places of worship protect their international employees and volunteers, OSAC’s annual event keeps organizations on top of emerging global threats.
After attending the day and a half of sessions – and chatting with other attendees in the hallways – here are three trends that repeatedly surfaced during the event:
1. Disinformation as a growing physical threat
Disinformation and its many perils are well-known in war and elections. But it’s increasingly fueling civil unrest, communal violence and targeted attacks, as well.
“It’s simply easier to produce convincing but false images and news stories,” said David Hall, the State Department’s Under Secretary for Political Affairs. “Such disinformation has real-life security implications.”
Hall pointed out recent examples in Sri Lanka and Myanmar, and a subsequent presentation detailed how disinformation in India fuels communal violence and is often picked up by news organizations, legitimizing the false reports. In another session, a panelist* explained how disinformation put a global company’s employees at risk in South Africa after false news was spread on social media.
Another presenter echoed Hall’s assessment, adding that the sheer volume of signals has exacerbated the problem of knowing what’s important.
“We’ve become like aging shortshops,” she said.
Here at Factal, we’ve seen a sharp increase of both the volume and effect of disinformation. Companies are having to work harder to filter out false positives and make sense of what’s really happening, slowing response times. (Learn more how we help counter this effect with real-time verification and proximity.)
“Americans can expect more of these attacks against our interests overseas,” Hall said, encouraging the private sector “to call out disinformation when it occurs.”
2. Growing convergence of cyber and physical security
With “data as the new oil,” as one OSAC attendee put it, cybersecurity is paramount in organizations today. While many companies have organized cyber and physical security as separate functions, there’s an increasingly overlap between the two.
“Virtually every breach we respond to is tied to a geopolitical situation,” explained FireEye CEO Kevin Mandia in his presentation on emerging cyber risks. “It took me too long to figure it out, but it’s an absolute fact.”
Mandia said 80 percent of cyber attacks against corporations originate from nation states Russia, China, Iran, North Korea and newcomer Vietnam. For example, American banks are gearing up for Iranian cyberattacks in response to new U.S. sanctions.
“We have to change as organizations,” said Emily Hill, United Airlines’ Chief Information Security Officer. “I would argue that very rarely is there ever a physical incident that doesn’t have a cyber component these days. It’s just the world we live in.”
Panelists urged companies to increase cooperation between cyber and physical teams, share useful information with other companies in their sector and monitor real-time geopolitical developments.
3. Broadening diversity of security roles
Historically physical security has focused on guns, guards and gates with a predominately male workforce. But during two sessions on creating contemporary security programs, panelists shared how the role of security inside organizations is broadening – and how employees are becoming more diverse.
“For us security is an employee benefit,” said one panelist, explaining how his security program is offered as a customer service with its own internal marketing.
Another corporate leader said she viewed security as “risk mitigation” across the company, a more proactive approach that involves multiple departments. In a hallway conversation, another company said it’s diversifying beyond tactical to more strategic, value-added analysis.
The diversifying workforce was represented in OSAC’s panels and events. For the second year, OSAC held a popular Women in Security networking event, and the panels and keynotes were decidedly more diverse than previous years.
When asked to predict what security will look like in eight to ten years, one panelist motioned to the audience. “This crowd will be younger and look more like the diversity” of the U.S., he said.
Cory Bergman is the co-founder of Factal, a new startup from the founders of Breaking News that enables companies to accelerate their response time to verified incidents that pose the greatest risk to their workforce and operations. Learn more here, and if you have any questions, email firstname.lastname@example.org.
* Many of the OSAC presentations were in closed session under Chatham House rule, which prohibits attribution. The open session was recorded here.