What is your role at Clearwater Security International and what type of engagements does your company take on?
As the founder and president of CSI, I lead the company and see to it that we meet or exceed our clients' expectations. I am often involved in engagements from the start and focus on areas such as project planning, manpower selection and execution, and monitoring progress. We have a diverse team comprised of former career U.S. Secret Service, FBI and DHS agents and security engineers, CIA and NSA intelligence and operations specialists, U.S. Military Special Operations personnel, and former state and local law enforcement and emergency services professionals. Our team has both domestic and international security, investigative, intelligence, and cyber experience, with “real life” experience on the front lines of the U.S. war on terrorism and the corporate world.
Our engagements have ranged from managing high-risk events, which include the 1997 and 2001 Presidential Inaugurations; evacuating corporate personnel in harm’s way; and conducting in-depth investigations to help corporations uncover threats to their brand, products, and personnel. We have also conducted major due diligence, as well as internal and external fraud investigations, and we have the ability to track assets in over 150 countries.
In the aftermath of Hurricane Katrina, we dispatched a team of investigators, cybersecurity experts, and special operations personnel to help protect and recover the remaining assets of a “Big Four” accounting firm, a major telecommunications company, and a utility. This team was also responsible for assisting with the major claims for damage as well as the protection of personnel. In addition, we assisted our clients with a review of their disaster recovery plans incorporating “lessons learned” from this horrible disaster. In 2008, we provided protection for two Presidential candidates during their run for the Presidency.
What do you believe to be the most critical security issues facing companies today?
There are many security issues facing businesses today, and too may to list and discuss here. However, our top concerns across all industries include workplace violence and active shooter situations, cyber threats, domestic and foreign terrorism, and political and civil unrest. Let’s take a closer look.
Workplace violence is continually one of the top five client concerns. Our experience has taught us that companies that are prepared may still suffer, but not at the level of companies that fail to prepare. However, in many cases the violence could have been prevented with proper planning and training.
Another key concern is cyber threats. With the emergence of the Internet of Things (IoT), estimates show over six billion devices connected to the internet in 2016 and predictions of 20 billion by 2020. Any of these devices with access to a business network or employee computer create opportunities for security breaches. Considering that the average cost of corporate data breaches in 2015 was in the millions, cyber threats are becoming one of the greatest financial risks of any business that utilizes information technology.
Cyber attacks have been conducted by criminal organizations, hacktivists, business competitors, and even employees. The methods used in these attacks range from brute force hacking to malicious e-mails and malware, and go as far as elaborate social engineering schemes that target employees in order to acquire network credentials and passwords. The recent rise in ransomware attacks using Cryptolocker, Cryptowall, and Reveton has resulted in full data loss in some cases. In 2015, companies paid out many millions to cyber criminals in order to receive the information needed to unlock their data. This type of attack has also magnified the issue of what security procedures and measures companies have in place after being compromised.
The increase in telecommuting and mobile devices has decreased the physical security of corporate networks. Companies today must educate and train all their employees as well as institute rules and policies that protect the company from their employees’ home computers and mobile devices. This is also true for company clients and vendors. In the well known Target Corporation data breach, the attackers infected the retailer's Pennsylvania based HVAC vendor with general purpose malware known as Citadel through an email phishing campaign and subsequently used the stolen credentials to steal the data of 70 million Target customers and 40 million credit and debit cards.
We believe that many companies could have mitigated their data breach with better planning and controls. The use of a red team, which stands for an independent group that challenges the organization's digital infrastructure as an attacker would, is an effective tool in identifying weaknesses that need to be addressed.
And there is of course terrorism. Our concern is that governments across the globe do not have a workable strategy to win the war against ISIS. Sporadic responses to attacks have failed to stop the growing threat, and the U.S. and other countries remain vulnerable to a catastrophic attack that could cause major disruptions to business operations.
While radical Islamic groups are a serious threat, the number of antigovernment groups and armed militias in the U.S. has skyrocketed to almost 1,400 groups in 2012, up from 149 in 2008. This growth presents a big issue for U.S. businesses and should be addressed in domestic and foreign contingency plans.
Political and civil unrest is another area that requires corporations' close attention. Whether it is civil or political unrest, the internet has enabled protests to evolve from merely handing out a few hundred fliers to the capability to reach millions of people with the push of a button. Each day, 350 million Snapchat messages are sent.
Still another security concern has to do with the dramatic increase in “professional protesters.” These are people who get paid by the backers of an opposition movement. Professional protesters are usually provided with an agenda and their job is to “stir the pot.” When we provided security for several high-risk events in the Washington, DC area, it became apparent that numerous protesters had been present at other events that had no connection. It is fairly easy to identify well-financed protest activities by the quality and similarity of the signs, logos, shirts, etc. Businesses need to take this into consideration when developing plans to address unwanted disruptions to business operations.
Companies need to identify and assess all possible risks and develop plans to prevent, mitigate, respond to, and recover from potential adversarial events. Once a robust plan is in place, the next step is to conduct training to test and validate the plan. Organizations that have effective business continuity and disaster recovery plans in place usually develop their plans with the assistance of professional firms.
What role has Clearwater Security International played in helping companies in crisis situations?
We have significant experience helping companies in crisis situations. For many years, we have been the “fire fighter” for crisis management firms such as C4CS®. We routinely assist by providing critical information that supports scenario building and decision making and enables the crisis management firms we work with to better advise their clients before, during and after adversarial situations. Here are a few examples of what we have done:
We were repeatedly retained by a crisis management firm to work with them on behalf of a candy manufacturer. In several cases, the media was running stories that a child choked on and died due to a toy that was included with their candy. After an in-depth investigation, we provided evidence that incriminated one of the candy company’s competitors. In one unique case, management knew right away that the story was false because the toy that had allegedly harmed a child had not yet been manufactured.
In another situation, our firm was brought into a case by a crisis management firm representing a major energy company. That company was under attack by protesters and media claiming that a new product was causing pregnant woman to have miscarriages. Several of the protesters and messages used against the energy company were traced to an independent PR consultant, and further investigation led to a key competitor.
Another time, we received a call from a crisis management firm at 11 p.m. They wanted us to participate in a conference call with their client as soon as possible. The client was experiencing a crisis with one of their operating units in a hostile environment where a coup was underway. The company wanted to have its employees evacuated before they became victims to the hostilities. Within eight hours we had rented a Falcon 200 jet and had a team of Special Operations personnel headed to the scene. Through our intelligence contacts we arranged to land our plane on a military base rather than the public airport, which was under the control of a hostile group. We had also arranged to have Red Cross vehicles waiting for our team to pick up employees. We rescued all of the employees just as the facility was set on fire. Because many of the employees were not U.S. citizens, we made arrangements to take everyone to a friendly country where first aid and psychological help were provided.
What has been your experience in working with firms that specialize in crisis management?
Being a full-service security and intelligence firm has been beneficial to the crisis management firms with which we collaborate. In complete confidentiality we can provide executive protection, investigative and intelligence services, cybersecurity, special operations personnel, physical security surveys, and other services.
The crisis management firms we work with bring together the information and assets they need to determine the best course of action for mitigating or eliminating a problem for their clients. In most cases of working with crisis management firms, their involvement significantly reduced the exposure to their clients. Just as companies turn to tax experts, outside counsel, and a number of other experts on a regular basis, firms that specialize in crisis management, crisis communication, and related disciplines have earned a reputation for providing the best advice in challenging situations.
Does Clearwater Security International have experience in advising companies on how to prepare for workplace violence including active shooter situations?
We have an impressive group of staff members that have provided workplace violence consulting and training including active shooter simulations to clients.
Our staff includes former members of the FBI Hostage Rescue Team, Large City Police SWAT Team, SEAL Team Six, U.S. Secret Service Counter Assault Team, as well as behavioral psychologists. In tandem with crisis management firms we assist companies in planning for these and many other critical events in order to improve organizational resilience in an increasingly important area.