Your risk assessments don't work anymore
Risk assessment is the cornerstone providing organisations the ability to recognise and analyse their security risks and respond appropriately. Risk assessments provide the basis and justification for all security action and activities.
However, the COVID-19 pandemic and response are challenging even the most dynamic security risk assessment processes. When COVID-19 is factored, organisations are finding that their risk assessment processes don’t provide the basis for action they normally do leaving decisionmakers struggling with what to do next.
Standard threat categories are insufficient during COVID-19
Crime, terrorism, and other physical security threats dominate traditional risk assessments. Most security risk managers are comfortable with these categories. But, risk assessment during COVID-19 requires a look at a broader set of categories including detailed information on multiple political contexts, governmental response to the pandemic, travel restrictions, xenophobia and hate crimes, economic stability, and operational ability. These categories are largely absent from traditional risk assessment. Their inclusion requires new, reputable data sources and means of analysis.
Add to this that COVID-19 doesn’t just create a new threat, it also impacts known threats to various degrees. Determining the likelihood and impact the pandemic, or pandemic response, will have on these threats is critical.