There are ideas and concepts that you come across that you realize immediately were not developed for your particular endeavor, but nonetheless are very appropriate. As physical security is becoming more oriented around industrial IoT, Big Data, machine learning, and other areas of data science there are some useful ideas for physical security professionals to consider. One of these is “data gravity”; the nature of large amounts of data to draw in applications and processes that take advantage of the presence of that data. If you’re running an IP-based physical security system, you may have already noticed that whether it’s a PSIM (physical security information management), Viakoo for automated system verification, or numerous advanced video analytics applications, there are now a lot more applications being drawn towards the data present in IP-based physical security systems.
As with most things in life that develop at a rapid pace, the Internet of Things (IoT) may have early adoption issues but ultimately will function smoothly over time. Both the personal and enterprise benefits of living in a fully connected world where everything has some connection to a network will ensure that IoT adoption continues to expand. The current issues around cyber secure and functionality of systems are being addressed, paving the way for future IoT growth. But with today’s reality no CSO or CISO wants to be responsible for IT and/or physical security operations when they don’t have control of what’s connected to the network; they don’t know which security systems were offline or not working; and can’t easily determine which devices were impacted by downtime, data breaches, or compliance issues. No one wants to be that person.
As time marches on in physical security, sometimes there are clear markers along the way that fundamental changes have happened. We are all aware that IP-based physical security has taken hold, and the nature of managing and maintaining physical security networks has changed along with it. Is there a line we can draw in the last couple years to say “this is when it all really changed”? I would argue that 2017 is when a distinct change happened organizationally, specifically on how IT is sharing more responsibilities than ever before regarding physical security.
In many organizations, security is still considered an independent issue that is restricted to the security department, and decisions made by the security team are mostly of interest to the board only in relation to their costs or if a significant breach occurs. As physical security continues to take a more central and company-wide role in compliance, brand reputation, and cyber-security, it has consequently become an area your board is likely to want to have more information on – and sometimes will want that information on a moment’s notice.
In any business, security duties and responsibilities may be spread between different departments to fulfill different needs. The physical security, IT, compliance and facilities departments all may have different responsibilities falling under the heading of ‘security’ to protect employees, assets and company data. While physical security helps keep potential threats at bay by controlling access and surveilling the facility, IT protects the network and servers from hacking, and facilities makes sure that the building itself is maintained and doesn’t pose any risks.
Prevention has always been a goal for security; proactively averting threats to the business reduces the need for response and remediation and is a the most desirable risk management model for any organization. With today’s technology, IT can install firewalls on the network, while physical security could implement facial recognition software to prevent former employees from entering the building. Compliance regulations ensure that all departments meet standards for protection and prevention.
An article I saw recently started with this compelling question:
As 2017 is headed to a close we can already see trends that will shape the security landscape in the next year. Some of the trends that we’re seeing for 2018 include the growing recognition of the vital role physical security plays in assuring cybersecurity – and vice versa. We are also seeing new means of how organizations are approaching physical security compliance, and an evolving (and more strategic) relationship between integrators and end-users. Understanding these trends should help organizations plan ahead for how they can benefit most as 2018 unfolds.
Who wants more time spent on service calls? Don’t be shy…
For years, the security industry has relied on a ‘reactive’ model for maintenance on surveillance systems. Older, analog systems, working in concert with security officers, guard dogs, and physical barriers, required less maintenance and management than today’s high-technology IP-based systems. When they failed, people knew because there was no image on a screen. Security systems today are more capable, more powerful, more “virtual”, and more secure—but also more complex, requiring more detailed inspection to ensure their consistent function. Seeing an image on a screen does not mean with IP-based surveillance that video is recording as it should – that’s why so many security teams have faced the “missing video” problem when they go to retrieve video evidence and it is not there. Because there are more things that can go wrong, and go wrong “silently” without someone knowing a failure has happened, most physical security teams are in the rut of reactive maintenance. No one knows when the failure happened. To figure out root cause, a technician is sent to inspect the system. Then fixes are tried, sometimes iteratively, until it looks like it’s working again.
Benchmarking has been an important part of business operations for as long as there’s been business—one can easily imagine a prehistoric hunter-gatherer comparing the plants they’ve collected to their neighbor for color, taste, and medicinal effectiveness—and then asking the neighbor where they found better plants. Comparing your operations to your competitors is an extremely helpful tool to help you optimize your activities and increase your own ROI. By benchmarking your security system, you can learn how to improve operations, reduce costs, and create a more efficient system.