Disaster Discourse: The Hagerty Blog

MANAGING SECURITY THREATS IN THE CYBER AND PHYSICAL REALMS

Emergency management and security practitioners have long worked to combat physical security threats, including those posed by active threat events. As our world becomes increasingly digital, these practitioners are facing an emerging threat type outside the physical realm: cybersecurity. As October is Cybersecurity Awareness Month, Hagerty wants to encourage the personnel and partners dedicated to emergency management to consider how cyber risk is evolving and they can use their existing skill sets to help combat that risk. Cyber risk is now a global security challenge.

Security threats are expanding their reach beyond purely physical attacks and into cyber assets: Source

As we examine the newly broadening aperture for threat management, consider the following incidents:

  • On Christmas Day of 2020, a recreational vehicle was intentionally detonated in Downtown Nashville, causing injuries and long-term damage to property, forcing over 60 businesses in the area to close. 
  • In January 2021, a hacker gained remote access to a computer associated with a water treatment plant in the Bay Area and deleted programs that were used to treat drinking water. While the incident was resolved in time to avoid serious impacts, the event could have resulted in illness, mass panic, and supply chain concerns.

Although each of these incidents has a different cause, both events had the potential to trigger cascading delays, damage to property, loss of life, and significant economic impacts. Knowing this, emergency managers and their partners can apply their experience developing physical security preparedness and response principles to the cyber threat.

UNDERSTANDING THE THREAT LANDSCAPE

While we often hear about physical security threats, such as active shooters and acts of terrorism, the emergence of cyberattacks represents not only an evolution of these known threats, but an expansion of the existing risk. In other words, criminals who wish to carry out acts of violence or commit crimes no longer need to leave their homes to do so. Moreover, those with nefarious intentions can now carry out attacks without access to the resources or organizational support that physical security threats may require.

The threat we now face is complex. The perpetrators of cyberattacks range from skilled hobbyists and small organized criminal groups to nation-state actors. Perpetrators have also demonstrated an ability and willingness to operate locally or at scale, from using electric vehicle charging points as a backdoor to home networks, to holding 45% of United States East Coast’s diesel, petrol, and jet fuel as part of the Colonial Pipeline ransomware incident that occurred earlier this year. Cyberattack victims also span sectors and are not always the most obvious targets. In some cases, nation-states have exploited expansive supply chain networks, including small businesses, in order to steal sensitive defense industrial information and undermine national security.

Cyber breaches can impact your organization’s finances, operations, or reputation, and the accumulated cost is not always easy to quantify. Following a cyberattack, organizations may have to consider whether they can afford to pay a ransom, whether they are able to restart operations, or whether they can ever rebuild the trust of customers. In addition, unlike the accoutrements associated with robust physical security, comprehensive cybersecurity can be challenging to demonstrate to your customers and the public.

Thinking about the impacts of cybersecurity on your organization can feel overwhelming. However, it is often the absence of basic cybersecurity preparedness protocols that can put your operations at risk. The Colonial Pipeline attack impacted the movement of over 10 million barrels of product, resulting in cascading fuel shortages across the Eastern Seaboard. Hackers held the firm to ransom thanks to the theft of a single password, enabled by the failure to use multi-factor authentication on a virtual private network. Robust cybersecurity measures and a quick, considered response can be the difference between success and failure.

HOW HAGERTY CAN HELP

Hagerty is here to help.  Our team of experts are on hand to support your organization as it prepares for and responds to the emerging cyber risks your organization faces. Our offerings will allow you to understand the threats and translate them into concrete remedial actions, such as cyber disruption plans, communications protocols, business continuity strategies, risk assessments, and more.

  • Programmatic Assessments: If your organization is unsure where to start in combating physical and cyber security threats, Hagerty can assess your current policies and procedures and offer tangible recommendations for improvement. 
  • Funding: Hagerty has a wealth of experience in identifying and securing funding in support of planning, training, and exercise activities. We are here to help you fund your preparedness and response activities.
  • Planning: Hagerty’s experience developing emergency preparedness operations plans in a range of sectors can ensure your policies account for the known unknowns, ultimately building your organizational resilience. Hagerty has worked with governmental and non-governmental organizations across the nation to develop planning products that establish functional procedures for threat preparedness and response based on best practices.
  • Exercises: Hagerty’s robust exercise design practice  includes experience in developing exercises that test capabilities in both physical and cyber threat response. These activities have resulted in actionable after-action reporting and enhanced organizational readiness.

Using these capabilities, Hagerty stands ready to enhance your organization’s cyber and physical security preparedness as you work to protect your organizations against risk. Visit https://www.cyberthreatready.com/ to learn more.

Making cyber preparedness a priority, and building capabilities together, we can all be #CyberThreatReady.


Erin Bajema is Hagerty’s cyber sector co-lead and an emergency management professional with experience supporting several areas of emergency preparedness as an analyst, planner, evaluator, and instructional systems designer. Ms. Bajema has served on projects in a diverse range of subjects, including disaster recovery planning, housing, continuity of operations, hazard mitigation, active threat, evacuation, damage assessment, and cybersecurity.

Austin Barlow is Hagerty’s cyber sector co-lead as well as a planning, training, and exercise project manager with a background that includes disaster fieldwork, employment in support of all levels of government, and formal training and education in the development and implementation of emergency management policy. Mr. Barlow has led and supported national-scale projects, programs, and technologies, with a focus on strengthening whole community partnerships, addressing vulnerabilities, and building critical capabilities.

Jonathan Davis is a Managing Associate at Hagerty Consulting, where he works on energy, security, and cyber issues. Mr. Davis recently joined Hagerty from the British Government.

Kelly Girandola is a Managing Associate in the Preparedness Division where she has contributed to a diverse portfolio of projects within Hagerty’s Security and Threat Management Sector, including multiple Complex Coordinated Terrorist Attack programs. Prior to joining Hagerty, Kelly worked for the Department of Homeland Security (DHS) as a Special Assistant to the Secretary in Washington, DC.