Constella Intelligence

Constella Perspectives: Managing Increased Cyber-Physical Security Threats in a Hyperconnected World

Threats against employees, executives, and physical locations are increasing at a staggering rate. Further, political unrest and global economic instability—accentuated by geopolitical conflict and contentious (and highly sensitive)political, economic and social debates— is contributing to this increase, creating a complex security environment for virtually all organizations.

In partnership with ASIS International, Constella Intelligence recently published a report titled “Managing Increased Cyber-Physical Security Threats in a Hyperconnected World” after surveying more than 300 security professionals from organizations across 19 sectors and five key geographic regions. The results of this survey speak directly to the cyber-physical risks, top security priorities and companies’ approaches to responding to cyber-physical threats. Across these dimensions, nearly 50% of respondents reported that their companies had experienced a significant increase in physical and incidents threats over the past year. Nonetheless, cyber and physical security teams still appear to lack the necessary collaboration and tools to effectively detect and mitigate hybrid risks, in addition to the adequate engagement to address a quickly shifting environment, with 54% of respondents indicating that their physical security teams don’t frequently interact with their cybersecurity counterparts and 70% reported that they would be better equipped to prevent a crisis if they could proactively monitor threats in a single unified platform.

Jonathan Nelson headshot

Jonathan Nelson

Director, Risk Intelligence

Several recent cases reinforce the conclusion that companies must protect their organization against the new reality of targeted hybrid cyber-physical threats. To see these trends, look no further than the persistent phenomenon of tragic active shooter incidents in the U.S., stories of physical violence from disgruntled employees and customers , or protests and civil unrest leading to physical location damage.

  • About 30 minutes prior to the Buffalo supermarket massacre, the attacker invited a small group of people to join a chat room online and review his plan.
  • Before the May 2022 massacre at an elementary school in Uvalde, Texas, the perpetrator frequently disseminated violent and hostile messages, persistently threatening girls and young women online.
  • A conspiracy theory that gained momentum in Facebook groups, WhatsApp messages, and YouTube videos, linking the spread of the coronavirus to 5G wireless technology spurred more than 100 incidents of 5G towers set ablaze in the U.K.
  • A U.S. federal jury convicted multiple individuals in August 2022 for plotting to kidnap Gov. Gretchen Whitmer. Much of their planning was recorded in text messages and social media posts.  

Often, there are clear warning signs amidst digital conversations prior to violent incidents. The ability to detect and proactively monitor for emerging threats online is the best defense organizations have to prevent cyber-physical attacks from happening in the first place. Understanding activity across the digital sphere reveals powerfully rich and often predictive intelligence about how physical threats emerge and materialize. Thus, digital spaces such as dark web communities and marketplaces, chat rooms, and even public social channels can provide a wealth of insight into physical threats as they develop. The interdependent nature of digital “weak signals” (or early indicators of emerging risks that can be extrapolated from online activity) and physical events support the notion of integrating cyber and physical teams more tightly, ensuring that adequate intelligence on potential risks impacting organizations and their individuals are proactively identified and addressed.

Despite these structural realities that create an environment where digital signals precede real outcomes, most organizations report that they do not monitor the dark web for emerging threats and are primarily reactive, only responding to threats as they arise. Although the reticence to roll out comprehensive monitoring programs may be due to budgetary considerations, the financial and reputational costs of cyber-physical threats that do indeed materialize can be devastating, and companies are expressing an interest in improving these risks are addressed. 40% of companies said they would be better prepared for a large-scale incident if the two teams were more tightly integrated, and 70% believe that their company would be better equipped to avoid a crisis if both cyber and physical security teams could proactively monitor potential threats in a single, unified platform, underscoring the importance of deeper integration.

Looking Ahead

Company boards are already starting to respond accordingly, as the risks posed by the convergence of diverse security threats targeting businesses are being elevated to the responsibility of senior leadership. 70% of respondents agree that recent events such as global military conflict, pandemic-accelerated remote workforces, ideological extremism, and civil unrest have driven an increase in corporate governance or regulatory requirements to implement more rigorous cyber and physical security practices. It comes as no surprise that almost half of respondents say they anticipate their physical security operating budget to increase in 2023. These increases would reportedly go towards investments in real-time monitoring and threat reporting (39%), integration of cyber with physical security teams (36%) or hiring more protective intelligence analysts better to manage the increase in cyber-physical threats at their company.

Taking this step can facilitate communication and collaboration across security teams, prevent harmful and damaging physical incidents, and ensure that organizations are better equipped to anticipate and handle them as they materialize.

The instantaneous and constant nature of digital conversation has created intensifying concerns for companies globally, as discovery of threats and reaction time must be continuous and real-time in order to keep up. In the digital age, safeguarding organizations from physical and digital threats requires a hybrid approach to security: the more that organizations can integrate their cyber and physical security functions, the quicker they will be able to manage emerging threats.

Read the full survey report ‘Managing Increased Cyber-Physical Security Threats in a Hyperconnected World‘ for more key insights and get pro tips on how to better protect your organization from cyber-physical threats.