Monday 17 August 2009

The security lessons from Britain's largest jewellery robbery

You may be wondering what a £40 million armed raid at a high-end jeweller's store in central London has to do with InfoSec.

Well, in the last few days it has been revealed that the robbers were caught on CCTV 2 days before the robbery, outside the shop 'checking things out'.

So what we had here is pre-planning. This is a common part of all theft (including data theft); whilst there is opportunist crime, it is the exception rather than the norm.

Now we are not post-judging this particular situation, but there may have been a window for prevention. One possibility may have been that, when they pulled up outside the shop two days before, the security guard had approached them and asked something like "Can I help you?". The simple act of engaging during the information gathering or 'hostile reconnaissance' stage may have been enough to deter the attack. Their reaction to the question may also have raised the security guard's suspicion and caused him to brief the other staff to be on the look-out for these men.

How does this relate to InfoSec? Create a positive culture of security understanding and ownership, check your logs proactively, set up rules and identify behaviour 'out of the norm'. Be proactive and follow up anything out of place in a timely manner. Engage your end-users, speak to them and encourage a culture of 'eyes and ears'. Help them understand the threats in 'plain English'.

Prevention is always better than reaction.


1 comment:

  1. Martyn Gessey MBCS CITP CISSP MSc, 18 August 2009 at 10:12

    In a busy high street, drivers of cars/trucks/motorbikes/lorries/vans and pedestrians will stop on a regular basis to light a cigarette, window shop or pick up a friend; there is no way of telling the intent of an individual or ascertaining the truth no matter what yarn is spun on the approach of a security guard. Having an unarmed guard at the door would not have deterred this from happening; they would wait for him to take a break (lunch, tea, coffee, cigarette, medication) and then enter the shop, or put a gun against his head and walk him into the shop. As with any Information Security product/personnel, not having the armour (outdated AV updates/ firewall with inadequate rules/ limited product knowledge and no recognised qualification) will have a similar outcome.
    A security guard, usually ex-military (no offence meant), placed in front of a building, who has no experience of criminal profiling or education in the ways of public/criminal behaviour, would be of little benefit (unless these criminals were stupid enough to advertise their intentions by claiming they are staking out the jewellers with the intent of robbing them).

    So as far as Risk Mitigation and Return on Investment is concerned, how do we prevent this from happening, what are our options and would they have had any impact?
    Locked & electronic entrance buzzer on the front door,
    Metal detectors on the street to scan every customer for potential hidden weapons,
    Burglar bars,
    Security Guards,
    CCTV,
    Private Armed Response Units
    and Insurance…to name just a few.

    These were not criminals intent on hiding their identity (unless they did have masks on, theatrical makeup is phenomenal these days and looks can be deceiving). With Information Security, the same goes for internal ‘trusted’ staff, walking/surfing/browsing your confidential data for personal gain and they will walk straight out the front door with it. Based on their behaviour, this was not a random/opportune theft … hostages, gun fire, multiple vehicles, stakeout…. illustrates a well planned and executed operation. In InfoSec terms, monitor user behaviour with automated detection tools and pray you pick up an anomaly before it is too late.

    I do agree with the philosophy of awareness, awareness, awareness, as well as participation and adequate risk management from respected, qualified professionals. I do not think this could have been prevented by education and awareness alone.
    Lastly, remember when faced with the prospect of a gun in your face, if you are not trained to deal with these situations, don’t take the chance, it is not worth a life. You will not get a promotion and your wife and kids will be praying you took out adequate life insurance.

    Hindsight is a wonderful tool, it teaches us how to learn from our mistakes, grow on our successes and reflect on what could/should have been.
