The Top COVID-19 Concerns of Security Leaders
As the world continues to grapple with the impact of the COVID-19 pandemic, we continue to listen to the concerns of security leaders who are trying to do all they can for their organizations and communities.
Here are the nine most common requests for information we've been receiving.
- Statistical analysis of data, including trend analysis and data reporting dashboards.
- "Return to" strategies, including triggers and indicators for phases of return or reopen.
- Technology and tools that are proving worthwhile in COVID-19 risk management, including symptom self-attestation apps, kiosks, CCTV, temp scanners, touchless options for access, contact tracing, identity and access management.
- Entrance screening strategies and best practices that meet HIPAA requirements.
- Reorganizing the building space for social distancing, to include elevator use, bathrooms, stairwells, zoning and environmental design.
- Travel safety, including triggers for return to travel and post-travel self-quarantine concepts.
- Cleaning procedures and protocols.
- Managing risk in the remote environment – including domestic violence, mental health, secure cloud, and data privacy.
- Dealing with new waves of infection.
Many security leaders are looking for best practices and input from peers about what works and what doesn't, from process to technology. Keep in mind that while such advice is useful, it isn't a substitute for a realistic and vigorous assessment of your own organization's capabilities, resources, and needs. Just because a strategy or technology works for others doesn't mean it will work for you.
Particularly if you decide to pursue technology as a solution to COVID-19 related issues, don't neglect to do your due diligence. In a time of crisis, vendors or media may claim certain technologies as quick fixes to problems, but testing and time may show they are far less effective than expected. For instance, many institutions rushed out to buy thermal camera systems for speedy noninvasive temperature checks, but it's since been shown that their margin of error still requires a backup method of screening for accuracy. It's also become clear that a high percentage of cases are presymptomatic or asymptomatic, so some companies have spent $20,000 on systems that don't save them much time or mitigate much risk.
There are some considerations, however, that can be of common benefit across organizations. These three points have been raised consistently by our subject matter experts over the last few months.
- Don't wait to do your after- action reviews. This isn't like a storm or an earthquake. It is an ongoing crisis with a long tail, and if you wait until it's over you will have lost the memory of many of the issues you could have improved along the way. It would be wise to do reviews at least once a quarter, and as often as once a week if possible. Make sure to include which tools you used to greatest benefit and what would have helped you do better, and track your costs continually.
- Consider how you can enhance employee care. Make sure your people know you are there for them and they can trust you with their health and safety. Communicate this intention clearly and often. Remember that your tone and follow-through will impact employee trust in the long term.
- Prepare for changes in Security. Redefining the workplace will continue to redefine security's role in the organization. Be thinking now about how reductions in physical space may affect your function. How will security protect remote workers and assets? How will a changing Security function impact staffing and required skill sets?
The SEC maintains a continually updated COVID-19 resource page that includes free, security-related resources and thought leadership on many of the issues security leaders are asking about and more. Visit https://www.securityexecutivecouncil.com/spotlight/?sid=32018