Security professionals are challenged by a negative perception that exists in the security industry, and most likely in their organizations. Physical security is often viewed as a cost that is more of a burden to the organization than a benefit.
When the security team does its job well, focusing on preventative measures and proactively anticipating incidents, it may appear they are not doing anything because no major incidents are occurring. Security can also be viewed as a blocker that limits strategic thinking, rather than a department that provides innovation, new ideas, and ways to generate income for the company.
This negative perception can limit the potential of the security department, both for the people that work in physical security and with the budget. A smaller budget may not have the type of impact the organization would desire.
COMPANIES OFTEN MISUNDERSTAND THE TOTAL VALUE OF INVESTING IN SECURITY
Organizations need to understand a security program should not only be measured on its ability to respond to alarms or prevent incidents, but also by how it can deliver information that can help digitally transform processes, drive change, increase productivity, and improve the customer experience.
Smaller security budgets can lead to gaps in the security program or exposed vulnerabilities. Security practitioners have a lot of innovative ideas that along with the right technology can provide value to other departments, and can even generate income for the organization. Security professionals must demonstrate the value of their program to department heads in IT, HR, facilities, finance, and marketing, plus others, and show how a comprehensive security program can benefit their departments too.
HOW CAN SECURITY PROFESSIONALS DEMONSTRATE THE TOTAL VALUE OF THE PROGRAM?
First, colleagues must understand the role of a security professional. A security practitioner guides his organization through the journey of enterprise security risk management. They optimize spend, mitigate risk, enable automation and help deploy security programs via technology and personnel. They deploy a digital security infrastructure that can harness data and provide value to other parts of the organization through sharing that data with colleagues in other departments.
Sharing data helps improve overall company processes. Once departments start working together, they will uncover synergies between them to learn ways they can work together to streamline processes. This could result in saving time, money, and headaches in the future.
Security often works in a silo, and sharing data across departments, shows they are a team player and demonstrates they have the best interests of the whole company in mind, not just the security department’s interests. And this is bi-directional - there is data from other departments that could be valuable to the security side.
The biggest reason it is critical to share data is to share a budget. If an organization can work together, they can deploy more systems and technology, reduce vulnerabilities, and have a better security program overall to keep employees and visitors safe.
IT’S ALL ABOUT THE DATA
Modern physical security systems are IoT devices and generate high volumes of data. Consider everything that is part of the physical security ecosystem: access control, alarm systems, fire systems, building automation, video, incident and case management, visitor management, etc.
Sifting through all the data is the first challenge. Analytics engines and machine learning can analyze data to find the most meaningful, and most importantly, actionable information within the vast amounts of data collected. New technologies need to find interesting data that they can do something with when they find it. For example, in the banking sector, analytical systems scour credit card holder’s data continuously. When an anomalous transaction is found, the bank takes action. It shuts down the credit card or has an operator call the card owner to prevent further damage.
Another challenge is determining how to use the data. The data is generated and there are analytics tools to process it, but what does an organization do with it? At this stage, everyone is collecting large amounts of information, but there are minimal use cases regarding how this data can be used. This creates an opportunity for the security department.
WHERE DOES THE DATA COME FROM?
Several physical security systems provide data end users can leverage such as video management systems, access control, and visitor management platforms.
As video surveillance systems evolve, they are starting to identify people and objects with increasing accuracy. Video analytics systems can count how many people are in a room, identify them through facial recognition, and flag any unusual behavior such as running or walking against a crowd. When a camera can tell if a person is in a room and also what that person is doing, or even where their attention may be focused, this can provide benefits for facilities and marketing departments to better perform their jobs.
An access control system allows people in and out of doors. Think about the many uses for that type of data. Security directors, along with department heads, will know who was in a building, when and for how long. It will provide an employee’s patterns as they move through a building. This is critical during a crisis or while investigating incidents.
An automated visitor management platform allows an organization to gather valuable data from their customers or visitors. These platforms capture how many visitors are in the building, customer or visitor traffic throughout a building, how long they are inside a building, and when they leave. A visitor management system can block unwanted or potentially dangerous visitors from entering a facility while also keeping companies in compliance. They can also help onsite restaurants plan for catering or for VIP guests.
HOW IT BENEFITS DIFFERENT DEPARTMENTS
Facilities departments need the information to determine how much real estate is needed to support staffing requirements and building management systems. The data derived from access control systems can measure foot traffic by location and by the time of day. This data will help determine if space needs are being met and if additional resources are required.
Facility managers can tie access control data to building management systems to automatically turn off lights and turn down the heat when a room has been empty for some time, saving on energy costs and environmental impact.
Marketing personnel study buyer behavior and how customers select their products and services. In a retail environment, in-store video analytics can measure hotspots, traffic flow, dwell time, and product display activity. Sensors can provide insights into the customer journey throughout the store, and how to optimize window and display effectiveness. For example, store owners can sell highly valued end cap space. Having the data to show that 80% of people stop at a particular end cap space as they walk through the store validates how important that space is, and now makes security a revenue generator.
Warehouse/operations departments care about safety and efficiency. Video analytics can help optimize warehouse production flow, bottlenecks, and traffic patterns. It can help with inventory management and detect leaks or spills. Alerts notify department managers of changes in normal behavior.
Legal departments protect the company from fraud, intellectual property theft, and trade theft. They are heavily concerned about compliance, NDAs, and audits and need to take a proactive approach. Visitor management systems can ensure NDA agreements are in place before a visitor arrives. Identity management systems can ensure an employee has insurance before they are allowed on the runway at an airport.
Physical identity and access management platforms can help human resource departments with onboarding and offboarding. No one should have access to a building until they are an active employee, and access should be immediately removed once terminated.
Studies show that 21 days before an employee quits, they change their patterns. Access control data can predict anomalous behavior. Typically, people are responsible for the same thing each day. If their behavior changes, such as a manager starting to be repeatedly late, this could indicate they are planning to resign.
With a greater focus on cybersecurity in organizations, IT departments can see what a person is doing on their PC, but find it’s much more useful when they can tie that to a person’s physical actions. For example, tying metrics of IT logins to physical security system logins and matching them up can show potential issues if someone is logging into the network from a place they are not sitting in.
As more parts of the business use security to benefit their departments, they will look at predictive data analysis with the use of machine learning. This can spot trends, identify risks and help determine future courses of action.
Collaboration between the different teams is the key to the success of any business. Different departments can leverage big data, applying machine learning and AI systems to create actionable data, improve their performance, and in the end, change the perception of the security department to a strategic-thinking, business-enabling, and income-generating department while driving innovation.