• United States




Belgium attacks reinforce that security is everybody’s problem

Mar 25, 20164 mins
CybercrimePhysical SecuritySecurity

In light of the tragedy in Belgium columnist Rob Enderle writes that it is more important than ever to rethink our security efforts. People seem to think security is someone else’s problem, but the reality is that security is something we all need to own.

I’ve had some rather unusual security training over the years. One of my earliest jobs was in security and law enforcement, and my course of study in graduate and undergraduate school included covering some of the largest security disasters in corporate history. Oh, and I was an internal auditor leader for a time when we had a tight emphasis on security. And, I’ve actually been a body guard.

One of the things I’ve learned is that security is as much a mindset as anything else. Whether you are talking about personal security or securing your firm or country it is a heads-up game. The most successful are those that are constantly looking for abnormalities and are willing to do what is necessary when they see one to discover if there is a problem. Those that simply depend on tools or others to keep them secure likely aren’t. While these folks may lead far less stressful lives, their sense of security is a sham.  

Rethinking business travel

Losing an employee, co-worker, and/or friend is not only traumatic to the people around them, but can set back company efforts related to that person significantly. Having this happen if the trip was avoidable is particularly painful. Over the last few years video conferencing solutions have become both far better and far less expensive. The cost of one system can actually be less than the cost of one trip. Terrorists seem to be attacking central transportation hubs in cities and unsecure transportation methods like trains. One way to keep employees safe is to just keep them, as much as possible, from being in either place.

Rethinking work at home

We seem to yo-yo around the work-at-home option, but most managers now seem to have a grasp of what jobs work best from home and how to monitor employees so they can tell the difference between those who can successfully do this and those who can’t. This not only lowers the risks associated with travel it can substantially reduce the cost of maintaining offices at centralized locations and hoteling. In addition, tools have improved dramatically over the years so that an office or cubical can now be automatically provisioned individually for an employee when they first log in to the office.  

[ Related: 8 must-have tools if you work from home ]

Rethinking employee security training

Employees are facing a number of increasing threats both physical and electronic. I recently was made aware of Lockey, a new ransomware product that not only encrypts local storage but every piece of attached, both physical and virtual, storage as well. Given users are tricked into installing tools like this, firms should aggressively limit user access to just what they need and when they need it. Also, users need to be regularly trained to recognize and report attempts to phish them for any reason so that other employees, security and management can be made aware of an attack in progress.   More typically what happens is we sound an alert only when an attack has been successful not during an attempt and, given the amount of damage that is being done, that is simply too late.

Belgium reminds us that an attack can be physical as well, and actively looking for people who are behaving unusually and reporting them may not just save the company, it could save the employee’s life.   While I sadly expect that we won’t take this seriously until more of us have lost loved ones, for those who can get ahead of this problem the reward of avoiding guilt will be well earned.  

Security is nothing to laugh at

I have a number of funny security stories I could share, but there is little to smile about with what seems to be going on today. Being stupid can have mortal consequences. At the heart of much of the problem is that people seem to think security is someone else’s problem. If there is one overarching thing we can do, it is to accept that security is something we all need to own because with threats like what we are now seeing out of Europe and what we have seen here, that is the only reliable way we can actually be safer.  

Something to think about this weekend.


Rob Enderle is president and principal analyst of the Enderle Group, a forward looking emerging technology advisory firm. With more than 25 years’ experience in emerging technologies, he provides regional and global companies with guidance in how to better target customer needs with new and existing products; create new business opportunities; anticipate technology changes; select vendors and products; and identify best marketing strategies and tactics.

In addition to IDG, Rob currently writes for USA Herald, TechNewsWorld, IT Business Edge, TechSpective, TMCnet and TGdaily. Rob trained as a TV anchor and appears regularly on Compass Radio Networks, WOC, CNBC, NPR, and Fox Business.

Before founding the Enderle Group, Rob was the Senior Research Fellow for Forrester Research and the Giga Information Group. While there he worked for and with companies like Microsoft, HP, IBM, Dell, Toshiba, Gateway, Sony, USAA, Texas Instruments, AMD, Intel, Credit Suisse First Boston, GM, Ford, and Siemens.

Before Giga, Rob was with Dataquest covering client/server software, where he became one of the most widely publicized technology analysts in the world and was an anchor for CNET. Before Dataquest, Rob worked in IBM’s executive resource program, where he managed or reviewed projects and people in Finance, Internal Audit, Competitive Analysis, Marketing, Security, and Planning.

Rob holds an AA in Merchandising, a BS in Business, and an MBA, and he sits on the advisory councils for a variety of technology companies.

Rob’s hobbies include sporting clays, PC modding, science fiction, home automation, and computer gaming.

The opinions expressed in this blog are those of Rob Enderle and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author