LPRC - CrimeScience – The Weekly Review – Episode 82 with Dr. Read Hayes, Tom Meehan & Tony D’Onofrio
Episode Date: December 2, 2021A New Variant is Spreading! LPRC Kickoff is January 19th in NYC Bloomingdales Flagship Store! In this week’s episode, our co-hosts discuss these topics and more, including the vaccination numbers in... South Africa allow more variants, Holiday Shopping Online Trends are Analyzed, Discounts were Smaller this Year, and a Continuation of the bitcoin city. Listen in to stay updated on hot topics in the industry and more! The post CrimeScience – The Weekly Review – Episode 82 with Dr. Read Hayes, Tom Meehan & Tony D’Onofrio appeared first on Loss Prevention Research Council.
Transcript
Discussion (0)
Hi, everyone, and welcome to Crime Science.
In this podcast, we explore the science of crime and the practical application of this
science for loss prevention and asset protection practitioners, as well as other professionals.
We would like to thank Bosch for making this episode possible.
Take advantage of the advanced video capabilities offered by Bosch to help reduce your shrink
risk.
Integrate video recordings with point-of-s sale data for visual verification of transactions and exception reporting. Use video analytics for immediate notification of important
AP related events and leverage analytics metadata for fast forensic searches for evidence and to
improve merchandising and operations. Learn more about extending your video system beyond simple
surveillance in zones one through four of LPRC's zones of influence by visiting Bosch online at boschsecurity.com.
Welcome everybody to another episode of Crime Science, the podcast from the LPRC.
I'm joined by colleagues Tony D'Onofrio and Tom Eaton and our producer Diego Rodriguez
today.
And we're going to do a quick run through, as we have been every week for going on two
years now.
But latest pandemic update, obviously making all the news all over the world is the latest
variant that's been sequenced, the coronavirus. And we're looking at Omicron. They evidently
skipped two letters. One sounded too much like Z. and I'm not sure on the other one what the issue was.
But regardless, South African scientists sequenced and described the Omicron variation or the mutations that were a part of that variant. And evidently, the South African scientists and physicians, because of the
AIDS, the HIV situation for really decades now, they've become very, very sophisticated with
viruses, have a lot of expertise, a lot of technology, and unfortunately, a lot of experience,
of course. But they were the ones that sequenced and described and within about 36 hours notified the world, much to their credit.
And because, as we can see, the U.S. and other countries have now banned any travel from their country and others that have found it.
Now that variant has been found in different places in Europe and around the world.
has been found in different places in Europe and around the world.
And so we're not sure yet if it's in the United States. Time will tell as infected people have their virus, the viral particle sequence.
So we'll see.
You look at some of the research and the reporting coming out from the researchers,
the physicians, the physician scientists involved,
they're seeing over 50 mutated entities, and over 30 of those are on the spike protein alone,
which, of course, is the target for the various different vaccines that are available out there.
But it's the most mutated virus that the South African scientists have ever seen.
And they, again, some viruses are very rapidly mutate.
Coronavirus, evidently those viruses are not known for nearly as rapid of mutation.
So there are a lot of concerns.
The South African population is evidently under 30% population of the population is vaccinated.
is evidently under 30% of the population is vaccinated.
So the concern is that's every human that's, of course, infected anywhere in the world,
any of us that are not vaccinated or don't have an adequate immune response on our own can become factories and allow this is where the mutations occur.
So time will tell.
The initial reporting is saying that while it may be much more highly
transmissible in the way that Delta was, it may or may not be as serious as far as the disease it
creates in our bodies. And of course, to be answered and understudied now by Moderna and
Pfizer and other independent groups is, is this virus with all
these variations, all these mutations that have occurred, better able to escape or evade natural
immunity from natural infection and or from vaccination. So the immunity that's generated
from that. So again, we've talked about through the research, the different
antibody responses that we get, as well as the cellular activity, the B and T cells that are
part of our immune system, the innate and the adaptive systems. And so these vaccines or natural
immunity that we get, we're talking about typically involving both. And what we don't understand is we see the waning, evidently, of antibody responses and
activity, the titers or the amount of antibodies that when they test our blood that might still
be present.
But what's the sustain, the persistence of the cellular response?
How long are these killer T cells there?
We know that from some viruses and infections, they're lifelong from one exposure via vaccine or natural infection. So stay tuned for all of that and try and understand. But it was really
interesting when the South African scientists described this as a Frankenstein. In other words,
to describe this as a Frankenstein. In other words, there were so many mutations on one microscopic virus. So we'll all keep you posted on that. Prevention, I'm sorry. On the masking front,
clearly, again, high quality mask do reduce particle distribution out of us as we talk, as we laugh, as we cough, as we sing or whatever we're doing.
So, but there are a lot of counterfeit masks out there on the market continuing to grow. So
stay tuned on that. We know that the United States, that Americans and everywhere around the world,
people are becoming pretty weary about all of this, but if you're in an enclosed environment and you know that somebody is infected or suspect, it's not how you mask.
It's not what you that you do mask, but what you're masking with as far as reducing transmission of particles out of yourself.
Some interesting research, and we talked a little bit about some earlier research in the area, and that is on the viral transmission.
And we talked a little bit about some earlier research in the area, and that is on the viral transmission. Again, number one, the infected person, what's the load, the viral load in this?
What's that look like? What's the number of particles as a rate?
Obviously, the more viral particles in us, the more we can we can expel.
Second is how many are we on average expelling when we're talking or laughing
or or coughing and so on um these things vary right and they can vary within us within a day
or even an hour uh how much our load is how much we we expel um again that's to be determined but
there is a lot of variation there so it's making making it difficult to, when you look at, say, a six foot rule and things like that, where does that come from? Because it wildly varies. Two feet
can be enough and sometimes 15, 16 feet's not enough. So it depends on how much we've got and
how much we're expelling. And then they talk a lot about the fluid dynamics, the research that
some of these engineers are conducting as they track and trace.
And, you know, it's obviously air turbulence and so on.
That's why ventilation is so important, replacement and all that.
So disrupting the viral flow, how long it stays airborne and so forth.
So interesting stuff.
it because the dynamics of crime which we'll talk about in a couple minutes and what we're seeing across the united states and how that type of activity becomes viral how it ebbs and flows and
in the same way so how many likely offenders are there clustered in different areas just like viral
load how many are willing to go out and and savage victim, harm somebody or a place like we're hearing with
Nordstrom and other retailers and so forth. And then what's the turbulence? What's the disruption
out there as far as weather, law enforcement, how well the retailers are working and working
together and so on. So a lot of parallels here. Switching over to the vaccine front, we always try to update.
I think we've all been looking for over a year now to hear about what's going on with the Novavax.
It's gotten clearance, and I believe it's in Indonesia.
They expect to submit their data here.
But the idea, again, is it would be another type of vaccine, much more traditional, many, many successful vaccines over
time to add to the mix with the mRNA and with the JMJ variants and so forth. So the idea of having
more, we know that there are 109 active clinical trials going on. In other words, 109 vaccine candidates, as we talked about, just
for the COVID-19 disease. 51, I'm sorry, 52 now in phase one, 46 and two, phase two, 42 in the
large, large scale phase three trials, now 16 with emergency use authorization and nine with full authorization now. J&J up in Canada fully approved.
So that continues.
We go over into obviously what's going on with the testing of some of these vaccines
with Omicron, both Pfizer and Moderna, at least so far I've seen have announced that
they've been doing a lot of heavy duty testing of their vaccine current vaccine with the Omicron variant to see what that what the response is with antibody and
cellular activity they also have announced both that they are able to because of them are in RNA
technology be able to switch out it should it need to be some of the the technology that they've got
to change slightly change the mechanism of action as far as the therapies again we talked a lot
about the Pfizer and Merck antiviral pills a lot of excitement around both I understand
especially with the Pfizer but this could change as more and more research
is done. But we know that because of the ability to provide the treatment and therapy in your own
home, the fact that it's very short term, that these pills obviously don't require any kind of
refrigeration, they can play a large role. But again, these are not designed to prevent the disease.
They're not designed to reduce the severity and response like a vaccine would.
They're designed that once we test positive or exhibit some symptoms, now we go on to
the therapy.
But they hold a lot of promise when we combine with good prevention activity or behavior with vaccination and then having some powerful therapies.
There's an oral NAC, not my area, but looking at the research, obviously, may reduce some of the COVID pneumonia ventilator needs.
So that's good news for those of us that could get seriously ill and get pneumonia as a result of having COVID-19
disease. And so there's a lot of testing around that. So there's some interesting plant-based
technology out there that they're driving from plants that block SARS-CoV-2 transmission
in some form. Vitamin D, which people have long talked about, even Fauci back in the day, seems to reduce lung inflammation, it looks like in some of the research.
So those are some promising things on the horizon.
So we'll switch over and talk a little bit about some of these flash robs, flash mobs, the riots, the mass theft and victimization that's occurring, particularly with more luxury goods.
And take a look at that. We see, for whatever reason, they're pretty dramatic scenes, but we
see the media seems to be traditional media waking up and at least thinking about it. We're seeing
some of the law enforcement response, but we're seeing some of the mayors and some of these
prosecuting attorneys that before were either turning their backs, it appeared, or were refusing to prosecute for property crime where people are victimized or property is taken from them rather than somebody actually did something physical that may be reversing course a little bit. We see Oakland, for example, the mayor's come out and they're reversing defund the police. They're trying now evidently pretty desperately to get back to some level, but they're
losing officers to other departments weekly, like thousands of other departments across the United
States. So in San Francisco, we see their DA doing a bow face and try and talk a little bit about
prosecuting some of these offenders for mass
crimes. But so we'll, the time will tell, understand there's a recall underway for him.
So we're not sure if this is a genuine, sincere understanding that all crime victimizes somebody
and that crime victims always suffer consequences, but too often it looks like criminal offenders do not suffer any consequences. So that's, that's what's going to be addressed with everybody as we partner together, use integrated action that's research or science space. So that's what we're trying to do is work with each other here. And at the LPRC on our board advisors we've added two assistant chiefs of
police to our board to help us work through plan our strategy our research and development do some
trialing on enhanced integration and partnerships in the field at all levels we're going to invite
in as well a couple of attorneys general people from their teams and some more localized district
or state attorneys, or in other words, prosecutors
to form those partnerships in a stronger way.
Stay tuned on what we're doing with SOCLAB
and of course, FusionNet,
which you've heard us talk a lot about,
but those are a portable platform.
And then also a Nexus just to learn how to better,
in the case of SockLab, to
better pull together all the data from all the sensors at a local enterprise or even a regional
market area and then make better sense of it more rapidly and for better single pane of glass type
of analysis and sharing. So again, we all have a common operating picture. Upcoming on with some
of the LPRC events, we've got an LPRC retailer member cluster call coming up December 9th.
December 9th at 6 p.m. Please get a hold of us at operations at lpresearch.org if you're interested
in joining the retailer cluster call. We've got two, and I believe it will be three three of the retailers that everybody's heard about in the media that have been hit by some of these mass thefts that will be sharing data around the events, the tactics, what they know, what they're doing, what they're trialing.
And so I look forward to that cluster call on LPRC cluster call, December 9th, 6 p.m. Eastern Standard Time, operations at lpresearch.org.
We're in heavy planning, I mentioned before, for LPRC kickoff hosted by Bloomingdale's at their flagship store in Manhattan the day after the NRF Big Show, which looks to be live.
which looks to be live. So it'll be January 19th at that Bloomingdale's flagship store from 8.30 a.m. till 12.30, just after lunchtime. Again, operations at LP Research, if you're an LPRC
member and you're interested in participating in that annual event, LPRC Ignite, which is the
gathering of the Board of Advisors, as well as the LPRC Innovate Advisory Panel is going to be on February
16th and 17th at the LPRC Lab Complex in Gainesville. So that's February 16th and 17th.
We're also in planning for S3. We're not sure if that's going to be part of Ignite or separate.
S3, meaning the SOC and Sensor Summit, where we're going to be, our command center, our SOC lab should be much, much farther along.
It's already got some capability now, as you all know.
So inside of our five labs as well, we've got now 176 technologies in there, with more coming every week.
coming every week. And then outside in the entire block, what we call the Safer Places Lab,
of course, is zone four and five areas just littered with all kinds of sensors of all types.
So we're working together again to pull data from all types of digital, visual, and aural sensors to make sense of the world. So we have earlier warning, better definition, and more capability
to be more precise in what we do and who we share with. So that's a little bit about what's going on
with the pandemic, with some of this mass crime, and then at the LPRC. And stay tuned, because with
the cluster call and other research, we really want to understand the difference. How are these
groups coordinating and communicating? You know, when you've got 80 people pull up at the same time and,
you know, dozens of vehicles, they're all, they've got sledgehammers and cutting tools.
That takes some planning. That takes the ability to communicate and to do all that
under the radar, if you will. So we want to better understand how they're communicating,
what's triggering this, what can be done to deter, what can be done to disrupt, what can be done to better document.
So let me, with no further ado, turn over the mic to Tony D'Onofrio.
Tony?
Thank you very much, Reid.
And again, great update on both COVID and what's going on at LPRC.
And those cluster calls sound very important based on what's happening.
So this week, I want to do a deep dive in terms of what happened this past holiday weekend in
terms of shopping and what are the trends that we're seeing as a result of Black Friday and
Thanksgiving weekend and Cyber Monday and so on. So let me start with data from the Wall Street
Journal and where they actually highlighted some of the things that happened on Black Friday.
The good news, as they stated, is that stores are back.
As the Wall Street Journal wrote, U.S. shoppers spend more time and money in brick and mortar stores over Thanksgiving than the same period last year.
Though food traffic remained below pre-pandemic levels.
The rebound was a reversal from 2020 when the pandemic accelerated a year-long shift of
holiday shopping online at the expense of stores. Retail Next, a firm that tracks shopper counts in
thousands of stores with cameras and sensors,
said store traffic rose 61% on Black Friday compared with last year,
but was down 27% from 2019 pre-pandemic.
Sensomatic Solution, which does the same,
tracked store traffic and said Black Friday traffic rose 48% from last year,
but it was 28% lower than in 2019.
The Thanksgiving holiday weekend was also the first time in years
that online sales didn't increase
from the previous year,
according to industry estimates.
Online Black Friday sales fell to 8.9 billion from 9 billion the year before,
according to Adobe, while Thanksgiving online sales were roughly flat at 5.1 billion, the
first time sales didn't increase since Adobe started tracking this in 2012.
Even deeper analysis on what happened this past weekend
was from change to rage.
As they confirmed, e-commerce sales got off
to a very tepid or soft start.
Thanksgiving weekend followed an unusually early start
to the holiday shopping and the deals and discounts.
Total online sales, as I said, fell to $8.9 billion
from $9 billion. While online spending on Black Friday was down from last year,
in-store traffic showed a big rebound and again it rose according to the change to age 47.5%.
Adobe analysis also indicates that online spending
on Thanksgiving Day remained flat.
Over Thanksgiving week, consumers spent $4.5 billion online
on Saturday.
November 27, down 4.3%.
They spent $4.7 billion on Sunday.
November 28, which was down 0.5%.
This marks the first time again that the online sales have not increased.
Adobe still expects Cyber Monday, November 29, to be the biggest online shopping holiday of 2021,
with sales between 10.2 and11.3 billion in online spend.
One segment of Black Friday digital sales with digital strong growth was mobile sales.
According to Adobe, smartphones accounted for 44% of online sales on Black Friday,
which is up 11% year-on-year.
sales on Black Friday, which is up 11% year on year.
Smartphone visits accounted for 62% share, plus 2% over a year compared to that.
New desktop, 38% share of Black Friday digital sales.
I can confirm I was one of those.
I bought two brand new iPhones during this holiday season.
So that seems to be the place to race.
So what does all that mean?
And what does it mean in terms of the holiday season?
And what are the big takeaways? And for that, I'm going to turn over to eMarketer and what they said.
And what they said is what we're seeing is this is a holiday season in transition.
is this is a holiday season in transition.
Part of the drop in in-store traffic to compare 2019 is related to more overall spending moving online.
Consumers are also spreading their spending
over a greater length of time.
Part of that reflects supply chain issues and inflation,
likely short-term challenges,
and consumers becoming more savvy about bargain hunting
whenever those deals may be found. Ahead of Black Friday, 63% of holiday shoppers are falling
victim to stockouts. Two Black Friday out-of-stock messages on e-commerce channels
were up an amazing 124% compared to pre-pandemic levels.
54% of shoppers are experiencing higher prices than last year, and 37% are finding less discounts
than last year.
Regardless of the reasoning, 61% of shoppers have begun buying their holiday gifts before
Thanksgiving, according to the NRF.
Also, one of the key takeaways from this shopping season is that the actual Thanksgiving Day
as a shopping day is under decline, with retailers such as Best Buy, Walmart, and Target
deciding to close stores for that holiday.
In-store traffic dropped 90% from Thanksgiving Day 2019. While Target said this
change is permanent, if the seasons remain weak, it'll be interesting to see if they change their
mind. Shoppers spent, as I said, $5.1 billion on e-commerce transactions on Thanksgiving Day,
which was flat. So they didn't switch online.
SR on Thanksgiving Day,
we actually did take a break from shopping.
The other key takeaway is that COVID is still a thing.
The NRF projections were made before the Omicron
that we just talked about,
the new variant that's emerged out of South Africa.
Sensomatic found that on the whole,
consumers were more likely to flock in stores
in regions less concerned with COVID-19.
The South, sharper traffic was closest to 2019 levels.
The Midwest, West, and Northeast followed in that order.
So if you were concerned about COVID, you tended to go less in stores.
While there may be many reasons for this, it's not all doom and gloom.
Again, they are expecting a very strong cyber Monday, as I mentioned,
reaching as high as $11.3 billion from Adobe.
And the NRF is still projecting that sales this year will rise 8.5% to 10.5% overall,
which is the second highest, with the highest actually being last year.
So in summary, what are the huge takeaways out of all this holiday season so far?
The data so far backs up that U.S. sales will continue to rise
with consumers shopping earlier, mindful of supply chain challenges and stockouts. There have been
19 days this holiday season with e-commerce activity surpassing 3 billion or more,
according to Adobe. At this point in the year, this time last year,
there was only five days.
So again, we're spreading a lot more
in terms of how we're buying.
70% of consumers told Deloitte
that they began their holiday shopping
before the end of October compared to 66% in 2020
as 61% in 2019. And finally, even with the supply chain issues, even if the issues
are not the same in 2022, this long holiday shopping season is here to stay. And I think
retailers are going to push for it because it's going to allow them to bang sales earlier in the season
versus focusing on just a few days. And consumers have shown that those shop whenever they find the
best deals, no matter what time of the year, getting close to the holiday season. And this
actually matches to what happened in China with Singles Day. I've talked about this in the past. Singles Day used
to be a one-day event, which generated about $8 billion to $10 billion in one day in China.
It's now a shopping festival that begins in October and ends November 11, and then generated
$139 billion this year. So this long shopping season is here to stay with us.
And with that, let me turn it over to Tom.
Thank you, Tony.
Thank you, Reid.
Just wanted to cover a couple of things.
One, I wanted to start with something
that we talked about on the podcast a couple weeks ago,
which was related to Bitcoin and Kroger.
And this is one of the interesting things
about Bitcoin and Kroger. And this is one of the interesting things about Bitcoin and cryptocurrency is along with myself and pretty much everybody in the Associated Press, there was a press release that was a hoax.
Kroger is not accepting Bitcoin. They actually made a public statement saying that, you know, this was not them that made the statement. And we reported on it the day it hit the newswire. It took a few
days to kind of go through the newswire to say, no, this was not an accurate, was someone
representing Kruger. And this really kind of aligns with when we talk about crypto and
Bitcoin, some of the concerns about an unregulated currency and some of the things that occur.
So although this is definitely anecdotal,
the thought is that a group of individuals with pretty substantial resources, because they really
took a lot of time to make this look official, did this to possibly change or inflate the actual
value of Bitcoin for that day. This isn't the first time it's happened. It's actually happened multiple times where there have been hoax press releases or someone from an influencer
status that makes a comment that directly affects the price of a crypto. This is specific to Bitcoin
today. And it's one of the things that constantly comes up in an unregulated environment where, you know, arguably someone on the Internet with a following could impact the actual, the whole entire ecosystem of the Bitcoin.
So I wanted to just make sure that we revisited that.
And I thought it was very interesting news when it came out and thought it was odd that a grocer would take that stance and without really explaining how they
would take it. But I thought it was pertinent to say that it was a hoax. With that, I do want to
talk a little bit about cryptocurrency and some of the things that are occurring because not just
Bitcoin, but crypto is in the news daily. Just last week, you know, El Salvador, who is one of the three countries that accept Bitcoin as, you know, currency, actually made a public statement they were going to build a Bitcoin city.
And this is a really interesting story. I actually thought this was a hoax at first because of all of the things that went into this.
The president of El Salvador, regardless of whether you agree with his political views or not, is 40 years old and is a Bitcoin fanatic and wants to build a city called Bitcoin City. And interestingly enough, wants to use the power of a volcano to help drive mining of Bitcoin.
that was shaping the city round like a Bitcoin, and then fund this by creating a billion dollar bond versus the government and pay 6% interest. So as Bitcoin and crypto continues to go into the
news, you have to kind of sift through what's accurate or not. This story at this point seems
to be confirmed, but it just kind of continues to say some of the things that occur around crypto or Bitcoin.
And then just two other kind of stories around this, because I think it's in the news with cryptocurrency,
is this year, Bitcoin transaction fees are down almost 50%, which is substantial.
One of the challenges with crypto in general is that it costs a substantial amount of money for an end user to move it.
in general is that it costs a substantial amount of money for an end user to move it.
And in some cases, if you have crypto and you're trying to move it from one place to another, you can pay exorbitant fees to the broker to move it. So being down 50% kind of aligns with
the positioning to make it more of a feasible transfer of goods. So if the fees are too expensive,
no one can use it from a merchant standpoint. And then end users tend to kind of keep it where it
is. So that's something that we should absolutely and will keep an eye on because I think it will
play a role in how it's going to be used in the near and far future.
One last thing on Bitcoin before I change over, which is probably more directly related to the LPRC
and what we do is follow the money
is what the bad guys usually do.
So when we think about some of the fraud
that occurs related to Bitcoin,
we don't talk about it.
Right now, there is a focus from criminals
targeting Bitcoin ATMs.
As the popularity grows for crypto, the fraud is starting to surge.
And so this was a report that NBC and a couple other major news organizations addressed.
And what it talked about was the fact that as Bitcoin ATMs became or crypto ATMs became more prevalent,
the fraudsters were attacking them the same way they did with cash ATMs. And there is this
underlining thought of because of the anonymous nature of Bitcoin and these ATMs being unregulated,
how they're investigated and who finds out about the fraud. So there are about
26,000 Bitcoin ATMs today. And that's a huge rise from about 4,000 in January of 2020. So you can
clearly see there's a big difference. And what a Bitcoin or a crypto ATM is it allows an end user to go and actually convert their crypto into cash
in real time and back to those fees there are fees associated with it but it is an avenue that is
actually a really easy avenue to either buy crypto or actually convert it to cash and they are being targeted at a very, very high rate from fraudsters.
There's also several reports from the DEA and some other organizations following the anti-Mundan laundering that's occurring in these devices and trying to figure out how they can be regulated.
Most of the companies that manage Bitcoin ATMs that I'm aware of are legitimate, and they're very open and public about what they do and try to report to the best of their ability, but it is still gray in some situations.
There was actually, and like I said, these legitimate, because these are legitimate companies, they do report.
Jersey, there was actually a commission report that in between 2015 and 2020, and I just want to keep in context, it's a five-year period with a very small number, if you think of under 4,000
ATMs nationwide. In Jersey alone, there were $70 million deposited in a five-year period in a very,
very small number of ATMs. So when you think of that number, and you're at
that stage in 2015, you were talking about, you know, 10s of machines, not even dozens at that
point of machines in the state of New Jersey alone. So when you think of an all of the United
States being 4000 machines in January of 2021, state reporting 70 million dollars and uh the challenge
is how do we manage that it is still uh largely unregulated and i think there's more regulation
to come uh and i'll i'll round out that that piece of it because i think uh you know while crypto is
very interesting it's still very new to all of us i wanted to just talk also about something we
talked about before we talked about regulation that was was coming based on some of these breaches that have occurred. And we've seen a lot
of different things at Congress and their bills to look to be passed about breach notification and
how this affects the financial sector and the retail sector is very pertinent. And one of the things is just this week, the U.S. banks must report significant cybersecurity
instances within 36 hours.
This is a big win because in the past, banks had some very gray area on reports.
So what was a cyber incident?
What declared a breach?
What was required was limited in the financial sector.
Believe it or not, they had more protective pieces around them. And based on some of the larger breaches that have occurred, this new rule says the U.S. financial institutions must report a significant cybersecurity incident within 36 hours. And that's great because they use the word cybersecurity incident. For those of you that have heard me speak about cybersecurity, get away from the word breach,
get away from the word of that and talk about incidents because it's very hard to determine
what's a breach for you might not be a breach for me, what information is considered pertinent.
So by designating cyber incident, which is recognized by the FBI. It encompasses not just a loss of data,
but an infrastructure break or a significant attack. This is great for everybody on the call.
It may not feel great for the financial institutions, but for the consumer population,
this really allows you to get a much greater lens on what's occurring. And in the past five years,
it wouldn't be uncommon
for you to find out that there was a breach several months, if not even sometimes years in
the past, or a cyber incident may not have ever been reported because it wasn't deemed a loss of
data. So as we continue to see this, one of the things that we should expect to see is similar
legislation coming across to retailers and other corporate entities to make sure that there is, you know, a cybersecurity incident notification process.
There's still some gray in this in the next, you know, probably three to six
months as this, as incidents continuously occur. We'll see what, what kind of is put flushed out.
I think the great thing here is the way that it's written is that it's implying to a financial
institution that if, if there is a cyber incident, it needs to be unsignificant to not
report. And I'm not having a play on words here. A reasonable person would not determine that a
financial institution cyber incident is unsignificant. So the way the law is written,
it really is pushing towards regulatory compliance. There are some talks about penalty.
This is not all set in stone.
It's really a rule at this point.
So there isn't necessarily a law as much as regulatory pieces for the financial sector.
And I think one of the things that was really slated is that it could also include denial
of service attacks, which in the past
has not been something that a company would report. So this is the really good news for all
of us. And I think in the past 18 to 24 months with the coronavirus and all the things requiring,
we've seen a huge increase in the attack factor in the cyberspace. So this is just another victory for the end user
to make sure that they can understand
what is occurring that's out there.
Something else that occurred in the cybersecurity
or risk spaces, and we've talked about this,
I think we're in, I could be wrong,
I think we're in week 89 of the pandemic.
So this podcast has been going on
since really the beginning of the pandemic.
And we talked about the quick switch to remote work and the quick switch for people to have to manage that. And
we've talked many times about a zero trust environment. And what a zero trust environment
is, is a strategic initiative that really helps prevent successful data breaches or cyber
incidences by the concept of, in basic generality of that you trust no one
so you create this environment that is everything is assumed to be a possible potential problem and
you slowly peel back so you lock all the doors and windows in cyber security world and you don't
open them until they're needed versus a place where to, you know, in the past, you would
kind of have that pendulum swing. So zero trust has a lot to do with cloud infrastructure, but
the basic premise is I trust no one or no device until I deem it that it's safe versus I know that
Tom is safe, so I'm going to let him have access. It's I don't trust Tom so I'm going to limit what has access to. And this was not a new term in cybersecurity world but it was
you know kind of this challenging environment when you went to remote. One of the things that
really has occurred in the last 18-24 months that a zero trust architecture has shown to increase cybersecurity efficiency by up to 144%.
And this is great news because it's showing that while this is a little bit more challenging,
we're actually seeing an actual tangible impact when we institute a zero trust environment on
cybersecurity risk and cyber instances. And we talk on this podcast often,
I talk about ransomware and the increase of ransomware.
Well, one of the things that we're able to identify
is that in a zero trust environment,
there's a direct reduction in ransomware.
So while introducing a zero trust environment
can sometimes be challenging
because when you first do this,
you have a lot more things to open.
What you see in this particular study that I'm citing is that in a zero-trust environment,
they've actually seen almost more than half less likely to be a victim of ransomware. So
this is going to be a living, breathing animal. And I think everybody on the podcast is listening
in a corporate environment will probably eventually go to that true zero trust environment where every device and every
person is considered to be a threat until deemed otherwise. I think this is definitely a space for
everybody who's on the call to listen to because as we, whether we're in the realm of the academic
space, the retail space, the law enforcement
space, as we continue to have internet of things devices added to a network, this zero trust
infrastructure will become a big play in how we implement security going forward. And I think
we're in a great spot. I think if you talk about all of the negative things that came out of the
pandemic, this is one of the things, learnings had to, in a very real time, understand how do we deal with a truly hybrid
work environment and still protect ourselves. So a lot more to come on that. I think this is
the first of many where we really actually see a benefit from some of the challenges that
arise from COVID. And with that, I will turn it over to Reid.
All right.
Thanks so much, Tom, on all those updates.
Tony, fantastic information as well.
And so I just want to remind everybody, a lot going on.
Check out lpresearch.org.
So much coming up, so much that we're all dealing with in the way of theft, fraud, violence,
intimidation, and infection. So we're here for you, lpresearch.org. So everybody stay safe and
stay in touch. Thanks for listening to the Crime Science Podcast presented by the Loss Prevention
Research Council and sponsored by Bosch Security. If you enjoyed today's episode, you can find more crime science episodes and valuable information at lpresearch.org. The content provided in the
Crime Science Podcast is for informational purposes only and is not a substitute for legal,
financial, or other advice. Views expressed by guests of the Crime Science Podcast are those
of the authors and do not reflect the opinions or positions of the Loss Prevention Research Council.