The Blending of Physical and Information Security Threats

The coming wave of security threats will increasingly be blended with physical and information components. CSOs who want to prepare for these attacks will have to meld their defenses to meet the challenge.

For CSOs, the pressure is on to knit the physical and cybersecurity departments closer together, if not merge them entirely. "Going forward, the modern and forward-thinking company will need to demand a holistic approach to risk management. That means combining [physical and IT security] to work together for common results," says Hancock. "The truly 'bad boys' of the terrorist world do not differentiate between methods to terrorize a specific target," he notes. "Whatever works best and quickly is always preferred."

Hancock is quick to add that, if the opposition is going to use multiple methods and blended methods to debilitate a company, the company being attacked can't think in "old ways" to deal with a modern threat.

Perpetrators are indicating a willingness to pool their resources and pull off ever larger exploits. Hackers are countering increased network resistance to old-style attacks by working in gangsharnessing their collective brain and computing power. And even crime syndicates have developed a very sophisticated set of technology skills.

The worry is that those skills might be hired out to a terrorist organization, providing an out-of-the-box cyberterrorist capability, notes Matthew Devost, a founding director of the Terrorism Research Center. "They have their own laptops and accounting systems and command-and-control networks, and everything that a billion-dollar multinational would have," he says.

Groups that are interested in pulling off purely physical attacks are also combining forces with like-minded individuals. The ALF (Animal Liberation Front) and the ELF (Earth Liberation Front) have long been on the list of the FBI's top domestic terrorism concerns, but recently a splinter group called the Revolutionary Cells has formed, creating a front group for militants across the so-called liberationary movement spectrum. The group characterizes its membership as "anarchists, communists, antiracists, animal liberationists, earth liberationists, Luddites and feminists," among other things, and their tactics are brutal. The group recently claimed responsibility for bombings outside the California offices of Chiron, a company that has had business dealings with Huntingdon Life Sciencesa longtime target of animal-rights activists. Security Gets Personal In the coming years, facility security and i.t. security may be joined by a third and equally important area of security practicepersonal security. This issue was once only a concern for celebrities, high-profile executives and dignitaries, but it's starting to go mainstream as citizens and employees are targeted for an employer's perceived transgressionsand sometimes for no reason at all.

Groups such as ALF, ELF and SHAC (Stop Huntingdon Animal Cruelty) used to target mostly pharmaceutical companies, fur farms or logging companies in the Pacific Northwest, and it was fairly easy to predict whether your company might be a target of their activities. But recently the groups have taken to targeting the secondary business partners as an effective strategy in undermining the primary business target.