Threats to company security can come from within – the firm’s own staff, whether through greed or in collusion with an accomplice from outside – or without, whether a terrorist after doing hostile reconnaissance, or burglar, or angry customer.
In our April 2014 we featured a ‘social engineer’ whose job it is to seek to enter on behalf of clients a building, to test security. Such ‘pen tests’ – short for penetration testing – has its network and IT equivalent. One can work off the other – the social engineer may seek to gather information about a target, such as staff details on social media, and use each snippet to build up knowledge to use against the business, whether to impersonate staff or suppliers and defraud the company, or to gain access and plant listening devices.
Also in April 2014 we featured the threat from organised crime – for not only do counterfeit goods, for example, take business away from reputable companies, they are bad for society as a whole – people may in the name of a bargain by sub-standard goods that catch fire or don’t work or break, or are toxic and dangerous, whether spirits or clothes or tyres.
CPTED – crime prevention through environmental design – is one concept, also known as designing out crime, whereby Security seeks to discourage criminals by making it harder for them to approach a site or to linger or to do crime, whether it’s break into cars in a car park or spray graffiti or plant a bomb. For more on this visit the website of the Designing Out Crime Association – DOCA, doca.org.uk.
Also on the subject of concepts, resilience is a word that has come to many security lips in recent years, meaning much the same as crisis management or business continuity, or risk management: rather, a resilient company or building accepts that it cannot avoid crime or emergencies or even disasters, whether fire or flood or man-made incidents; but the company has bounce-back-ability, can respond promptly to the incident and keep trading.