Top Security Tips for the New Year


As we settle into a new working year, we list the areas where we believe organisations should consider committing their efforts in 2021 to improve their security and resilience. We’ve kept the list short and simple, so these should be the two New Year’s resolutions that you can actually stick to!
1. Remain vigilant
If there’s one thing that the local and international response to the COVID-19 pandemic taught us is that complacency is a killer. Communities and organisations tend to focus well when responding in the immediate aftermath of an event such as an outbreak or a security breach, but there is a tendency to take one’s eye off the ball as soon as the threat appears to have passed.
Although New Zealand remains at COVID Alert Level 1 after two months of no community transmissions, authorities strongly encourage vigilant personal hygiene and social distancing practices, the wearing of face masks in crowded places, and the use of the COVID Tracer app. These good habits help us to protect against a return to community transmission.
The flip side of vigilance is complacency. It’s all too easy to lose the habit of physical distancing and using the COVID Tracer app particularly when New Zealand appears to have succeeded against the virus.
The same principle is true in security. In the immediate aftermath of a break-in or breach, organisations are suddenly prompted to prioritise investments in security controls and in following good security practices. At other times, many organisations tend to take more of a “she’ll be right” approach to security.
Malicious actors, whether they’re internet scammers, ATM skimmers, or just opportunistic bag snatchers, will target victims that appear vulnerable, unprotected and unprepared.
Make this year your year to review your organisation’s security practices and to promote a strong security culture among your colleagues.Start by asking yourself these questions:
- When was the last time you had your CCTV, access control and intruder detection systems serviced or updated?
- Is your security signage adequate? Do your people challenge persons onsite not wearing IDs?
- Do you tolerate tail gating?
- Do your people ensure that external doors latch closed behind them?
- Do you follow a clean desk policy?
- Do you lock your computer screens when you walk away from your desks?
- Are your security alarms connected to a monitoring service?
- Are your security patrols up to scratch?
- If you have guards, are they the right fit?
- Are your security controls commensurate to the risks you face?
- In short, have you assessed your security risks lately?
2. Use your imagination
One organisational resilience practice that was shown up by COVID to be in a sorry state is business continuity planning. Many businesses were caught out by the pandemic and its attendant lock downs… they had failed to plan for it; they had failed to imagine it.
‘Failure of imagination’ was an idea used in the wake of the 9/11 attacks on the US to describe an inability to imagine the possibility of a low-probability outlier event occurring. The 9/11 Commission found that this failure was an important contributing factor to the September 11 terror attacks.
COVID demonstrated that ‘being prepared’ really should mean being prepared for the unexpected. Business continuity planning is all about maintaining operations during events that would otherwise cause operations to discontinue, so a useful first step in creating a BCP is to imagine all the conceivable events that may cause a discontinuity to any part of your operations.
And when imagining these events, really use your imagination.
Ultimately, once you have a BCP, it’s of no use to your organisation if it gets filed away and forgotten. But that’s what often happens, and that’s evidently what did happen in the case of many organisations last year.
Periodic review and – importantly – desk exercising of your BCP is crucial. Things change, so BCPs require frequent updating. You also need to know that your BCP is fit-for-purpose, which means using a scenario-based process to walk through a discontinuity event with key stakeholders. If you don’t practice it regularly, the plan is unlikely to perform come game time. Think of it as a dress rehearsal for disaster.
How we can help
Experienced security providers have the capability to provide specialist advice in relation to proactive security planning and resilience planning focusing on the security and safety of your people, assets and information.
If you would like to find out more about enhancing your organisation’s resilience in 2021, get in touch with us to talk about how we can provide you with specialist advice and assist with your planning.