Former FBI special agent, Thomas Trier, advocates the creation of a security task force within organizations
Throughout my 30+ year law enforcement and security career, the issue that was most difficult to overcome, but very crucial to success, was the need for collaboration between diverse police departments with varying missions and viewpoints.
For example, US federal agents, state law enforcement and local law enforcement may be investigating the same gang in their respective jurisdictions from different angles. Local law enforcement wants the gang out of their city. The state officer’s mission is to clear the state of the gang. The federal agent, however, has the mission to disrupt and dismantle the gang’s operations and membership.
Federal agencies concentrate much of their criminal enterprise investigations on bringing the different agencies into a task force, with the overall mission of dismantling the gang. Using the different federal, state and local methods to target the gang’s activities in a collaborative effort maximizes the effectiveness of all levels of law enforcement. The collaborative law enforcement task force has proven to be a successful in the United States.
It is becoming more and more apparent that that physical security, information security, cybersecurity and risk management personnel must coordinate their efforts, dealing in threats that cross all arenas. As in the law enforcement example, each of the security departments has its own area of responsibility or specific mission.
The physical security professional will focus on the physical protection of personnel and assets. The information security professional focuses on the protection of an entity’s information, and the cybersecurity professional concentrates on the protection of information technology systems. Even though there is some crossover, these departments rarely meet unless there is a crisis, when it is often too late to prevent substantial damage.
“Physical security and cybersecurity personnel should evaluate the possibility of developing collaborative assessment tools”
As the physical security leader at a medium-sized company, I initiated and led such a task force to address insider threats. Representing physical security, I engaged personnel from cybersecurity, information assurance, human resources and the legal department. We met once a month and discussed any internal issues that arose. We ensured we protected the employees’ rights, but we also reduced risk to the company by placing tripwires in the IT systems for those employees identified as potential insider threats.
If the employee resolved their issues with the company, the team removed the tripwires. However, if the employee made attempts to harm the company we were notified through the placement of the tripwires and took action before any malicious act could be completed. The program was successful because of the collaborative efforts of the diverse team members working with the common goal of defending the company while respecting the rights of the employees.
The purpose of this article is to advocate the formation of a ‘security task force’ to address any threats specific to a company or organization. The task force should work to leverage its different perspectives. Each threat should be analyzed and evaluated, and the risk be mitigated by this collaborative team for a common cause.
Upon formation of a security task force, physical security and cybersecurity personnel should evaluate the possibility of developing collaborative assessment tools and incident response plans. The task force should assess and defend against the cyber-led attack that defeats physical security measures or the physical-led attack designed to gain access to cyber assets.
The analysis of threat stream should include but not be limited to the following: insider threats (disgruntled employee/contractor), external threats (such as terrorists, disgruntled customers or an organized lone wolf), and state-sponsored attacks.
In any initial threat assessments, security professionals should be able to answer these questions: Who is my biggest threat? What is their capability (physical and/or cyber)? How are we defending against them?
Document the threats and monitor their activities; develop and implement measures to reduce risk based upon threat capabilities.
Knowing your adversary and knowing your organization’s vulnerabilities is the key to reduce risk to company personnel and assets. The formation and effective operation of a blended security task force can strengthen your security posture through the collaborative efforts of diverse viewpoints on a common problem.
About the Author
Thomas Trier served 25 years as a special agent of the Federal Bureau of Investigation. He was an assistant special agent in charge in the intelligence branch of the FBI Washington field office. Trier's field of expertise was investigating criminal and terrorist enterprises, including extensive service overseas and development of intelligence-based investigations. After retirement from the FBI, Trier served as the corporate security lead for a utility company. He currently provides Security consulting services through his business, Security Intelligence Consulting LLC. He is the author of a new book, Intelligence-Based Security in Private Industry, available here.