Download PDF version Contact company

Surveillance systems can track the locations of cellphone users and spy on their calls, texts and data streams. The Washington Post has reported on such systems that are being turned against travelers around the world, according to security experts and U.S. officials. The summer season highlights the need to take extra precautions when traveling.

When traveling anywhere in the world, for business or pleasure, citizens need to be aware of and alert to looming physical and cybersecurity threats.

To elaborate on expert security tips, strategies and advice for traveling this summer, we presented several questions to The Chertoff Group, a global security advisory firm that enables clients to navigate changes in security risk, technology and policy. Chris Duvall, Senior Director at The Chertoff Group, offers insights into cybersecurity concerns, physical security precautions, and recommends digital resources/apps for consumers while traveling.

Q: How are security risks – physical and digital – changing? Why are threats greater today than five years ago?

The exponential number of headlines over the past few years is a strong indication that both physical and digital risks are evolving and increasing

Duvall: The exponential number of headlines over the past few years is a strong indication that both physical and digital risks are evolving and increasing. The scope, severity and complexity of physical and cyber risks are increasing and becoming more dangerous and destructive. This is especially true for those traveling outside the U.S.

On the physical side, threat actors are actively seeking “soft targets” – public events, social settings, mass audience venues, etc. – to communicate their message, sow chaos and inflict catastrophic harm.

On the digital or cyber side, we have seen a shift from “thrill hacking,” to an increase of “hacking as a business” (through credential compromise and ransomware), to an increase in “hacking for harm” - with the rise of “nuke ware” and ransomware without a clear financial motivation.

Q. What specific precautions should a traveler take to protect their calls, texts and data streams from being spied on?

Duvall: When traveling abroad, we recommend to our clients that their personnel and executives should practice good internet and social media hygiene. Some best practices include:

  • Avoid using public Wi-Fi services—unless you use private VPN service for encryption
  • Increase the privacy setting on your technical devices
  • Disable location identifiers on apps
  • Create a new (unlinked) email for internet correspondence
  • Consider purchasing international MyFi devices to decrease the risk of getting your personal identification information (PII) or protected healthcare information (PHI) stolen 
  • Use temporary (i.e. burner) phones to protect your data and your contacts

Q. What cybersecurity concerns are likely to impact travelers? Are the threats greater outside the United States or in any specific parts of the world?

Significant precautions should be taken to protect personal electronic devices (PEDs) and the data connected to PEDs

Duvall: The international cybersecurity landscape has grown increasingly dynamic, with threats posed by government authorities (in some countries), terrorists, insurgents, and criminals, requiring travelers to be proactive and vigilant. U.S. citizens, particularly executives of U.S.-based technology companies, must be aware that they are considered high-value targets for nation-state intelligence services and criminally-motivated bad actors. Many countries will go to great lengths and expense to acquire and exploit proprietary information from U.S.-based companies, and views U.S. executives visiting the country as “soft” targets of opportunity. As such, significant precautions should be taken to protect personal electronic devices (PEDs) and the data connected to PEDs. The tactics, techniques and procedures (TTPs) utilized by bad actors are often covert and nearly undetectable by the affected person.

Threat actors routinely access, monitor and utilize Wi-Fi networks at hotels and in public spaces to compromise target devices. Other targeting methods include luggage searches, extensive questioning, and unnecessary inspection and downloading of information from personal electronic devices.

There are numerous, high-risk countries for which the U.S. Government warns travelers to be wary of mobile malware, mobile device privacy attacks and hot spots for mobile botnets. The U.S. Department of State has the most recent and up-to-date list. For example, the U.S. Government has investigated numerous incidents in which U.S. travelers’ PEDs (personal and company devices) have been compromised by Russian authorities while transiting Russian airports, left unattended in public spaces and in travelers’ hotel rooms.

	Protect your personal information and travel itinerary as much as possible
When traveling to an unfamiliar place, research your destination to understand the local roads and transportation, geography, local roads, culture, etiquette and laws

Q: What physical security precautions should a traveler take?

Duvall: Here are some useful precautions:

  • When traveling to an unfamiliar place, research your destination to understand the local roads and transportation, geography, local roads, culture, etiquette and laws.
  • Protect your personal information and travel itinerary as much as possible.
  • Limit the amount of jewelry worn, cash, credit cards and electronic devices carried while traveling.
  • Avoid staying on the ground floor of a hotel. Consider choosing a room on the 2nd through 7th floors as these rooms may be more difficult to break into than those on the ground level, but still able to be accessed by fire/emergency response equipment.
  • Never answer your hotel room door for anyone until you’ve determined who they are, why they are at your door, and if it is necessary for you to open the door to interact with them.
  • Carry a rubber door stop/wedge with you to install on the room side of the door before you go to bed.
  • Vary your patterns and routines when venturing out in to a new location, do not become predictable.
  • Politely decline offers of food or drink from strangers (If you do accept beverages, ensure that they are in sealed containers and that there is no evidence of tampering).
  • Never discuss your itinerary, personal, business or other sensitive information where others can hear you.

Q: How can companies be proactive in protecting their business travelers?

Companies should educate their employees on the importance of maintaining good internet hygiene while traveling abroad

Duvall: When traveling on business, companies should provide their employees with clean computers and cell phones before departure. Upon return, the company should immediately wipe the computer clean to prevent any malicious threats from penetrating the company’s internal, cyber-infrastructure. Additionally, companies should educate their employees on the importance of maintaining good internet hygiene and recommend their employees disconnect from social media platforms while traveling abroad. Some general tips to recommend to your employees when traveling abroad include:

  • Register in the Smart Traveler Enrollment Program (
  • Visit Travel.State.Gov to view travel related information specific to the country or countries you’re visiting, including local US Embassy or Consulate contact information, as well as current travel advisories and alerts.
  • Always leave a copy of your transportation and hotel itinerary and driver’s license (or passport if traveling internationally) with a family member or trusted friend.
  • Always use a baggage tag with a protective cover
  • Avoid using public Wi-Fi services

Q: What digital resources and/or apps might a traveler benefit from (and how)?

Duvall: The Chertoff Group recommends researching the below travel-related Apps before departing on a trip:

  • TravWell: This app provides destination-specific vaccine recommendations, a checklist of what you need to do to prepare for travel, and a customizable healthy travel packing list. The app can store travel documents, keep records of medications and immunizations, and set reminders to get vaccine booster doses or take medicines.
  • My TSA: This app provides real-time updates on airport delays. It includes how long security lines are at various airports; information about what you can and cannot bring onto an airplane; and a frequently-asked question list, including new advanced imaging technology.
  • Border Wait Time: The app provides estimated wait times and open-lane status at land ports of entry, which may be particularly helpful when in an area with multiple crossings.
  • Mobile Pass: The Mobile Passport app speeds you through U.S. Customs and Border Protection at (1) cruise port and (24) airports

Q: As a security expert, what’s your best advice for travelers?

Duvall: At the end of the day, travel security is not rocket science. Simply put, travelers need to:

  • Be aware and situationally alert at all times.
  • Be aware and situationally alert to the location of your luggage and carry-ons at all times.
  • Don’t access unknown, unsecured or public Wi-Fi if at all possible.
  • Turn off “auto connect” features and institute stringent privacy controls as much as possible.
  • Try to “blend in” – you don’t have to try to look like a local but travelers should avoid gaudy and expensive attire wherever possible.
  • Use your common sense – if an offer, invitation or opportunity seems to good to be true... it probably is.
Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

Open Options Paves the Way for New Customers in Access Control
Open Options Paves the Way for New Customers in Access Control

For more than 22 years, Open Options, Addison, Texas, has developed access control solutions that connect to leading security technologies to deliver a full-scale solution based on each customer’s unique needs. In 2018, Open Options was acquired by ACRE, which already owned the Vanderbilt and ComNet brands. To find out the latest, we interviewed Chuck O’Leary, President of Open Options. Q: It has been two and a half years since Open Options was acquired by ACRE. Briefly describe that transition and how the company is stronger today because of it. O’Leary: The ACRE transition really focused on integrating our access control solution, DNA Fusion, with Vanderbilt Industries technologies in order to further our reach in the market and enhance our portfolios. With their support, we have been able to accelerate innovations and expand our global reach. Overall, it has been a great experience to be a part of the ACRE organization, and it has opened the doors to new opportunities for us both here in the states and globally.  Q: What is "Connect Care" and how does it benefit integrators and/or end user customers? O’Leary: For those unfamiliar with the world of access control, it can often be a little overwhelming when first introduced; however, we strive to make our products as easy to use and intuitive as possible, with Connect Care being no different. Connect Care is a system that has been specifically designed to create the most connected experience in the security market Connect Care is a system that has been specifically designed to create the most connected experience in the security market. It serves as a 24/7 bridge from our customers to services like technical support, platform support, professional services, and training. By providing these options for our customers, we can better empower them with the knowledge and expertise of our DNA Fusion access control system and ensure their success with the product.  Q: Who are the new customers entering the market for access control systems in the wake of the pandemic, and how should they be approached/managed differently? O’Leary: Over the last year, there has been a huge demand for access control systems as remote work increased due to COVID-19, and even now, as employees and students are heading back into the offices and schools. Organizations are realizing that having an outdated security system is no longer robust enough for the rapid advancement of technology that we witnessed over the course of the pandemic, and really the past few years. For those who are just dipping their toe into a new access control deployment, the most important thing they can do is to search for a provider who has a solution that is easily integrated, scalable, and provides excellent training and resources. Q: Define the term "touchless access control" and explain why it is gaining a higher profile in the post-pandemic world. O’Leary: The interesting thing about access control is that it has almost always been touchless. Many organizations are looking for robust solutions that are touchless and can be utilized remotely, and it's fairly easy to understand why a solution like this would become widely popular because of COVID-19. Integrators are searching for access control systems that will serve as a proper solution for organizationsThe process of using access control to streamline security infrastructures is not a new concept by any means, but due to the rapid development in technology over the past few years, more integrators are searching for access control systems that will serve as a proper solution for organizations, while still supplying the touchless and remote-based features. Q: What do you see as the future course of the changing technology trends we see in today's market (such as mobile credentials, cloud-based systems, cybersecurity, etc.)? O’Leary: As we continue to tread through the different technological developments in the market today, we are noticing that mobile credentials and biometrics are becoming increasingly popular. As cybersecurity and mobility continue to become more important, we are also seeing the rapid jump to the cloud. By utilizing cloud-based systems, an organization is not hindered by a lack of storage or old software and gains the flexibility to scale their security system as their business grows. Q: How will the access control market look different five years from now versus today? What about 10 years from now? O’Leary: Within the next five years, I suspect that access control will continue to make the move towards cloud-based systems and utilize mobile credentials and biometrics. In 10 years, I think all access control will be open platform and many more organizations will embrace cloud solutions for increased functionality. Also, innovations will continue to be the drivers behind new deployments with some installations being biometrics only and include recognizing fingerprints, retina scans, facial recognition, and voice. Q: What is the biggest challenge currently facing the access control market, and how should manufacturers (including Open Options) be addressing the challenge? O’Leary: One of the biggest challenges facing the physical access control market is organizations actually making the shift to more up-to-date access control systems. Organizations are looking to adopt more digital-focused access control experiencesOrganizations are looking to adopt more digital-focused access control experiences — ones that are focused on integration, newer features, cybersecurity, and ease of monitoring. Access control manufacturers should be addressing this challenge by creating integratable, scalable systems that are easily managed and provide a structured, streamlined approach for an organization’s security infrastructure. Q: What is the biggest misconception about access control? O’Leary: Access control is not a one-size-fits-all solution, and some organizations might have different standards or assets that need protection. This is why it's vital to know the risks your organization faces when speaking with access control providers — to ensure the best possible outcome for your specific needs. It's important to remember that whatever access control system is chosen should proactively mitigate any risks, be easily taught to and successfully used by employees, and be scalable with your organization. No matter the line of work, a proper access control system should streamline the security infrastructure and lessen stress on the security team and employees.

Automatic Gates – The Latest Development In Access Control
Automatic Gates – The Latest Development In Access Control

Automatic gates remain an increasingly popular security choice for family homes, business premises or public buildings – anywhere that full control over access is needed. While there is much to consider for installers when advising clients on the right solution for their property, from the size, weight and cost of a gate system, it’s useful to be aware of the latest developments in the market, as this can help to find the right option to fit their needs. The need for speed Gates can be automated to either swing or to slide open, and there are many factors to take into consideration, when advising on which option to use. However, swing gate motors tend to be slower than the speeds achievable for sliding gates, which means the latter are usually more popular, especially for commercial sites where timing can be among the more important factors. One of the most recent developments in the sliding gates market is the introduction of faster motors One of the most recent developments in the sliding gates market is the introduction of faster motors, such as those from Bft Automation, which allow for opening and closing at a quicker speed than has previously been achievable. Fast authorized access control From a security point of view, the ability to allow people and goods in and out of a property at a quicker pace reduces the risk of unauthorized entry, while waiting for a gate to close – an important consideration in both commercial and residential contexts. Other benefits of a faster motor include reduced waiting times. This can be particularly useful for properties in busy areas, where a vehicle could risk blocking traffic, while waiting to turn into a site controlled by a slower gate. Faster motors Also, a faster motor could potentially reduce the risk of an accident from vehicles entering a property at speed. For example, this might happen if someone was making their first visit to a property situated off a fast road in an unfamiliar area. Beyond these practical considerations, in today’s fast-paced world, people aren’t as used to having to wait for things and this applies to the time it takes to get in and out of their own property. So, security benefits aside, faster motors are likely to be more appealing for clients who have sliding gates fitted to their domestic property and who prioritize convenience. The choice of which of the new faster motors to use will be impacted by a number of factors, including the weight of the gates. Essentially, the lighter the gate is the higher the speed achievable. And, as always, it’s important to make sure that any installation complies with safety regulations. Intelligent torque management systems A further development in access control technology includes intelligent torque management systems A further development in access control technology includes intelligent torque management systems, which update the level of torque required to perform the gate’s operation, allowing it to work at the optimum level, regardless of weather conditions, temperature or the degree of wear and tear on the device. Depending on the typical weather conditions experienced at the site and the anticipated frequency of use, it’s worth looking at options that take these factors into account. Importance of security rights In some scenarios, it’s important for particular individuals to have security rights. In which case, there are motors available that come with personalized keys, which are unique, providing an additional level of security. Installers often face the challenge of fitting gate motors in confined spaces, potentially making for a time consuming and technically demanding task. Available space When you only have a small space to work with, simple details can go a long way to helping you. For example, by putting the fastening screws on the front of a motor’s casing, installation and maintenance are easier and more convenient, even in particularly compact areas. Working with suppliers that offer more than just a manual means you’ll have access to advice and support on how new products work in practice and what you need to consider before advising on an installation.

What Are The Security Challenges Of Public Events?
What Are The Security Challenges Of Public Events?

Large public events were out of the question during the depths of the pandemic. However, public events are likely to experience a resurgence along with a more optimistic outlook in the coming months. In addition, there will likely be pent-up enthusiasm for these events among individuals weary from months of isolation. We asked this week’s Expert Panel Roundtable: What are the security challenges of public events planners in 2021?