For some, the September 2019 drone attack on Saudi Aramco oil facilities was a wakeup call. Industrial, utility, and other critical infrastructure are subject to ever-evolving external security threats; while cyberattacks have become inevitable, physical risks are intensifying as well. Understanding this harsh truth is a necessary first step toward developing, implementing, and maintaining a comprehensive threat mitigation plan.
Though it’s easy to assume that a devastating attack isn’t likely to happen to your organization, consider how we thought about school and workplace shootings – or even cyberattacks – in the not-too-distant past.
Adversaries are determined to create or exploit vulnerabilities, whether via organized terror cells, criminal networks, malevolent nation-state or nonstate actors, hacking groups, or the lone wolf who is radicalized or randomly intent on doing harm. The threat landscape is further complicated by geopolitical tensions as well as climate hazards that literally burn or blow down trusted lines of defense.