The security agenda in 2017: By OakPark
‘The Security Agenda in 2017’
Ed Smith
THE TRADITIONAL BUSINESS SECURITY AGENDA
1. Property Theft
2. Property Damage / Vandalism
3. Unauthorised Access
4. Workplace Violence
NEW THREATS EMERGE
• Cyber Crime & Data Integrity
• Employee Screening
• Internal Theft & Fraud
• Identity Theft
• Terrorism / ‘Active Shooter’
GLOBAL CORPORATE RISK SURVEY 2016
Source: www.ey.com/uk
IMMEDIATE CONCLUSIONS
• Security agenda more diverse than ever
before as threats have proliferated.
• Greater financial loss implications for
businesses in new agenda.
• Traditional models of predictive risk
becoming problematic.
• Opportunity to introduce new ideas into
our field.
FINANCIAL IMPLICATIONS – ‘OLD’ AND ‘NEW’
• Cost of retail theft for UK businesses in 2016 was £613 million.
• Total cost of theft from construction sites was circa £900 million.
• Cost of policing anti-social behaviour was £3.4 billion.
• Total cost of direct employee theft in 2016 was £196 million.
• UK Businesses reported £2.4 billion in cyber crime losses in 2015/16.
• Total cost of fraud for private sector was estimated at £120 billion.
MEASURING RISK
BUILDING ‘RESILIENT’ ORGANISATIONS
“Most systems try to anticipate trouble spots, but
high reliability organisations (HROs) pay close
attention to their capability to investigate, learn,
and act without knowing in advance what they
will be called to act upon.”
• Risk Management: Probability Focused
• Organisational Resilience: Impact Focused
BUILDING ‘RESILIENT’ ORGANISATIONS
“Resilience refers to the organizational capability to
anticipate key events from emerging trends, constantly
adapt to change, and rapidly bounce back from
disaster.”
“The ability of an organization to anticipate, prepare for,
and respond and adapt to incremental change and
sudden disruptions in order to survive and prosper.”
Source: BS 65000: 2014
RISK v RESILIENCE APPROACHES
RISK v RESILIENCE?
• Risk: Operational, Exclusive, Narrow, Quantitative, Reactive
• Resilience: Strategic, Inclusive, Broad, Qualitative, Proactive
PRESSURES OUTSIDE OF ‘PREDICTIVE RISK’ MODELS
HOW TO MANAGE THE UNEXPECTED?
Source: Weick & Sutcliffe, Managing the Unexpected, Third Edition.
1. Preoccupation with Failure
2. Reluctance to Simplify
3. Sensitivity to Operations
4. Commitment to Resilience
5. Deference to Expertise
BS 65000 ORGANISATIONAL RESILIENCE
BS 65000: 2014
• Focuses on bringing the importance of resilience to the top of the organisation.
• Acts as an ‘umbrella’ for sub-disciplines such as Health & Safety, Business Continuity, Environmental Management and Disaster Recovery.
• Provides 24 key questions to determine consistency of resilience measures.
• A taster of what can be expected in the upcoming ISO 22316.
OUR RESPONSE AT OAKPARK SECURITY
Source: www.ey.com/uk
HOW ARE OAKPARK SECURITY HELPING?
1. Increased focus on consultancy.
2. Introducing new knowledge into
our business.
3. Introducing new technologies
within our business.
4. Working in partnership with
specialist providers.
THE CHANGING FACE OF SECURITY?
START YOUR RESILIENCE PLAN TODAY!
1. What do we need to survive? Where are our
‘pressure points’?
2. How can we better absorb and react to stress on
these ‘pressure points’?
3. Consult with external parties to fill ‘knowledge
gaps’.
4. Circulate information, refine information and
redistribute. Awareness is key!