New global report: security incidents cost companies $1 trillion in 2022
A new report released Monday by Allied Universal says security incidents cost companies $1 trillion globally in 2022, along with double-digit drops in stock prices and corporate value.
Economic unrest is expected to be the greatest security-impacting hazard in the next year. The study defines economic unrest as a security- impacting hazard – such as a large external event — political instability or war, climate change, pandemics, recession, inflation, interest rate rises and the like — that cause societal unrest.
Allied Universal’s World Security Report, drawing on the opinions of 1,775 chief security officers in 30 countries, also concludes that companies anticipate a surge in threats and hazards like social unrest, climate change, fraud and theft.
Large global companies surveyed have combined 2022 annual revenue of more than $20 trillion. CSO participation was independent and anonymous.
Physical security budgets are predicted to increase significantly to “keep people, property and assets safe, and security leaders intend to focus investments on advanced technology and providing security professionals with additional skills and training,” the company says.
Fraud – deception intended to result in gain – is likely to be the biggest external threat over the coming year, and leaking of sensitive information is predicted to be the biggest internal threat, the report notes. Dangers posed by hackers, protestors, spies and economic criminals are expected to soar as well.
Protecting Assets and Information
Steve Jones, Allied Universal’s global chairman and CEO, says the report shows the impact of security threats on organizations is multidimensional – from the disruption of productivity to the loss of customers, to the potentially staggering financial impact.
One in four companies reported a drop in their corporate value following an external or internal security incident during the last 12 months. In addition to CSOs, the report also surveyed 200 global institutional investors to understand the impact of security incidents on the value of publicly traded companies. Investors estimated an average 29% drop in stock price in the wake of a significant internal or external security incident in the last 12 months.
Jones told SecurityInfoWatch that Allied Universal wanted to learn more from its customers and even non-customers as to what keeps them up at night.
“This is the type of information they say they need at their fingertips when they’re in their boardrooms and they’re talking about what they need to do, whether it’s executive protection or whether it’s asset protection or it’s protecting people or data and information,” Jones says.
Jones believes the concern among executives about cyber threats came out “pretty clearly” in the report, whether it’s internal or external bad actors getting access to the internal systems in an organization.
“That could be critical information within the organization. It could be customer data, it could be financial data, it could be employee data. I think boards realize that this issue must be on their radar all the time, and the challenges are only getting more complex.
To fight the ever-increasing sophistication of bad actors and what he describes as “economic criminal activity,” Jones says it takes people and hiring them is getting nothing but more expensive. The hyper partisan political environment and increasing number of controversies that incite the public — often fueled by social media — requires more people to analyze, he notes.
“You also have to search the dark web to look for underlying threats,” Jones adds. “So now you’re talking about all this going on within an organization, and then you must try to be ahead of it to proactively secure facilities and people.”
One example he shared about changing dynamics is with executive protection. That used to just be for leadership in emerging markets, Jones says. “Today, you’re talking about executive protection in very immature markets in North America because of threats against corporations and organizations and the people that lead those.
“And it could be because their income got released and people think they make too much money, and so they’re bad people. It could be due to what the company does, or something that happened in the media with regards to the company, or it could be a pharmaceutical issue.”
Some key finding from the report:
Security Threat and Incident Findings
● Economic unrest was reported by 47% as the greatest security-impacting hazard in the next 12 months — up from 39% in the previous year.
● Climate change events are on the rise and the second most concerning hazard, with 38% saying they may be impacted in the next year. This was followed by social unrest (35%), disruption to energy supplies (33%) and war or political instability (32%).
● Leaking of sensitive information is expected to be the biggest internal threat in the next 12 months according to 36% of respondents.
● Misuse of company resources or data was the most common internal incident with 35% of companies having experienced this already over the last 12 months.
● Fraud is expected to be the biggest external threat in the next year, predicted by 25% of CSOs.
● Fraud and phishing and social engineering were the most common external security incidents experienced in the last 12 months (23%).
● The threat from two groups – subversives (hackers, protestors or spies) and economic criminals are likely to increase significantly, with 50% and 49% of respondents predicting they will be impacted by these groups, both up from 39% in the last year.
● Security budgets represented approximately $660 billion (3.3%) of global revenue at respondent companies in 2022.
● Physical security budgets at 46% of respondent companies are set to significantly increase in the next 12 months.
● Artificial intelligence (AI) is top of the agenda for future physical security technology investment, with 42% intending to invest in AI and AI-powered surveillance over the next five years.
The Future of Security Insights
● Cyber threats that threaten physical security systems are challenging operations, according to nine out of 10 respondents.
● CSOs reported a disconnect between physical security incidents and the importance placed on them at board level; nine in 10 CSOs said company leaders are more concerned about cyber than physical security.
● Eight in 10 (84%) said recruitment of security professionals will be challenging over the next five years.
● Nine in 10 (92%) said people skills are more important than physical attributes of strength in front-line security professionals.
The Budget Battle Continues
Jones believes CSOs will need to keep making a case for external protection. During the pandemic and other periods of social unrest, such as the Occupy Wall Street movement, Jones notes CSOs were getting more resources from corporate boards to protect facilities, people, supply chain distribution and product manufacturing.
With the pandemic’s threats diminished, and cyber incidents being in the news constantly, the focus at many companies has seemingly shifted to cybersecurity.
“I think CSOs do still have to pound the table to make sure they’ve got enough resources. Because in many cases it’s different types of resources to protect the supply chain or a manufacturing facility or people in a facility or people from getting into a facility today that used to be all people,” Jones says.
“I think the industry would love the answer to be all technology, but I think we’ve learned that can’t be because there are real external threats.”
A Comprehensive Future
Jones says it will be important for Allied Universal to continue evolving to meet industry trends laid out in the report. He points out the company has built out one of the top five largest security systems integrators now. Allied is also the largest K9 security services company in North America.
“Why is all that important? Because again, now it’s about access control and it’s about remote video monitoring and using AI to help our customers better manage potential threats, make decisions quicker.
“We have over 3,500 canines, and why it’s important is canines are one of the best defenses for weapons detection. So we are using canines through facilities across the country and the world for that matter, to help. Last quarter alone, our 3,500 canines identified over 4,000 weapons trying to get into facilities.
“We’ve tried to position Allied Universal as not just the global leader in security guardian services, but really the global leader in comprehensive security solutions.”