Travel Matters June 2017

With terrorist attacks taking place in traditionally safe destinations, the threat today is much closer to home as the recent attacks on Westminster Bridge, Manchester and London Bridge demonstrated. International SOS shares best practice on how to keep travellers safe within our shores Today, security and medical risks to the mobile workforce can occur anywhere and at any time. It is a necessity for the mobile workforce to be vigilant and stay safe, from taking NOT IN MY BACKYARD www.travelctm.co.uk www.travelctm.co.uk TRAVEL TRENDS | 07 06 | TRAVEL TRENDS steps to be aware of any threats to knowing what to do and having efficient lines of communication with the correct contact if you get in trouble. As always, preparation is essential. In today’s complex and sometimes challenging world, we are often made aware of risks around us, from attacks in locations previously considered secure to cyber security crime being on the rise. In a crisis, speed is an essential factor in dealing with a situation efficiently and this often comes from the preparation already in place, from education of the workforce in case of an issue to the on the ground support. For instance, in a security incident, organisations need to be able to locate and communicate with their workforce, identify and arrange any support required and understand quickly if anyone is unaccounted for – and all at a time of intense pressure. In order to do this, multi-channel communication is key, using a range of two-way communication methods including email, SMS and text-to-speech protocols and provide automated “resend” capability to ensure travellers acknowledge the message / respond to it are essential. As events evolve, access to informed, real time information is key. Whenever a traveller is on the road anywhere, another consideration should be cyber and information security risks. Cybercrime is predicted to cost businesses between US$2.1 trillion 1 in 2019 and $6 trillion by 2021 2 . Before travelling it’s important to research the potential threats to an organisation’s sensitive commercial information, specific to the destination. Additionally, advise travellers to avoid advertising the exact location or purpose of their business trip online, to ensure all software on their devices is up to date before departure, to avoid connecting to non-secure networks, and to maintain physical control of their devices and sensitive information at all times when in locations assessed as high threat. A hotel choice across the UK could also be key and security could be anything from a fire to personal safety as you leave the building. As business travellers also increasingly use shared economy services such as Airbnb, an increasing awareness is required both on the part of the traveller while in situ and the organisation to keep track of the location and standard of accommodation. For hotel stays we advise: • have a plan in case of emergency • pick a room on the opposite side from the main entrance • make sure the room has appropriate security fittings • upon arrival, do a sweep of the room to check for intruders • consider the hotel’s communication capabilities 1 Cyber Security Ventures Cybercrime Report 2016 http://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/ 2 Juniper Research figure quoted in Forbes magazine http://www.forbes.com/sites/stevemorgan/2016/01/17/cyber-crime-costs-projected-to- reach-2-trillion-by-2019/#fabc3203bb0c Top tips to help protect your data while on the move: 1. Before you travel, it’s useful to have access to objective insight of the potential threats to your company’s sensitive commercial information, specific to the location of your travels. This will enable you to implement effective security measures to mitigate any risks during your trip 2. Avoid advertising online the exact location or purpose of your business trip 3. Software Update: Make sure that all software on your devices (including but not limited to antivirus software) is up-to-date before departure 4. Avoid connecting to non-secure networks (such as public WiFi hotspots) when you travel. Where possible, disable any WiFi and Bluetooth capabilities, which can provide additional entry points for attackers and can be exploited without your knowledge. Turning these off will further reduce the likelihood of sensitive information being stolen from your devices 5. In locations assessed as HIGH threat (this may vary from company to company, depending on the nature of their operations), maintain physical control of your devices and sensitive information at all times. Keep your laptop with you as carry-on luggage and do not loan it to anyone while travelling. When you return from a high-threat location, or if you have witnessed any suspicious activity on your devices, ask your IT service desk to check for signs of malware, unauthorised access, corruption or intrusion. Do not connect your devices to sensitive networks until they have been verified as safe. Where to find help The government’s Terrorism Security Office launched Project Griffin in March 2016 as a national counter terrorism awareness initiative for business. It has the express aim of advising UK companies how to protect company’s staff, business and community. The threat from terrorism is serious, but it is important to keep it in perspective. This threat comes principally from DAESH (also known as ISIL), Al Qaida, and groups and individuals who can be directed, encouraged or inspired by them. The level of threat is complex and ranges from crudely planned attacks to sophisticated networks pursuing ambitious and coordinated plots. Project Griffin holds briefing events to increase public and staff awareness of how best to reduce and respond to the most likely types of terrorist activities. The events are presented by trained police advisors delivering a range of CT awareness modules. Events are free and can last between one and six hours depending on the time available and number of modules covered. The modules are reviewed and updated regularly and currently cover the following topics: Current Threats; Firearms & Weapons Attacks; Document Awareness; Bombs; Cyber; Domestic Extremism; Hostile Reconnaissance; Methods of Attack; Response to Suspicious Items; Postal Threat; Drones; Social Networking; and Insider Threat. An attendance certificate showing the modules covered is awarded to staff at the completion of each event, enabling business to monitor and evidence staff development and awareness. Contact your local CTSA in your area for further details. Educating employees about travel risks 49% Communicating during a crisis 47% Tracking employee travel 42% Confirming that employees have read pre-travel information 37% Travel risk policy compliance 31% Managing a crisis 31% Business continuity planning 23% Implementing a travel risk policy 23% Confirming that employees have taken travel risk training 23% Understanding legal obligations to travellers 22% Management buy-in of travel risk policy 18% Business decision- makers report a wide range of challenges when it comes to mitigating travel risks for their employees: