What Your Board Needs To See From Physical Security

    [fa icon="calendar"] Dec 19, 2017 3:17:29 PM / by John Gallagher

    In many organizations, security is still considered an independent issue that is restricted to the security department, and decisions made by the security team are mostly of interest to the board only in relation to their costs or if a significant breach occurs. As physical security continues to take a more central and company-wide role in compliance, brand reputation, and cyber-security, it has consequently become an area your board is likely to want to have more information on – and sometimes will want that information on a moment’s notice.

    Security and security issues permeate all parts of today’s business. It’s essential to protect your organization, employees, and assets from damage, theft, liability, and other issues that may occur across all departments and facilities. In addition, many industries are affected by regulations that require compliance from security and surveillance teams, a trend based on the tight link between physical and cyber security. Both physical and cyber security are critical to maintaining a business’ integrity through any threats or issues that may arise. And in some verticals public reporting of safety (such as the Clery Act for higher education, or Joint Commission audits in healthcare) is a legal requirement and actively is used to judge potential attendance or employment at that institution.

    To get to more specific examples, your board will be concerned about physical security if there have been incidents pointing to an unsafe or insecure workplace. It’s not the missing laptop (for example) that they care about, but that its theft may represent a business-wide problem with larger implications. If, for example, security video is missing after an altercation or from a high-security area, the viability of the entire organization may be at risk. In this context security can be considered a strategic asset. Keeping infrastructure operational and ensuring that you can present video evidence when necessary can help reassure a board that they have the physical security they need and expected to have.

    Your board will also be looking to make sure corporate funds are being used wisely. For example, a physical security system that cost $1M but only works 70% of the time is the same value as a $1.43M system that works all the time. In order to present the ROI of security systems to your board, you will need to demonstrate that the system will be functional 100% of the time. To do this, you can use consistent metrics such as video path uptime (VPU), video retention compliance (VRC) and video stream deliverability index (VSDI), to quantify positively that video is of continual high quality and will not be lost or corrupted when you need that evidence the most. Having a method of automating verification for both physical and cyber security can help you prove to your board that you can maintain the functionality of your security systems and lower the risk of downtime. Additionally, quantitative metrics help to show when there is an out-of-bounds situation developing that might justify more budget being put into physical security.

    Going beyond safety and risk mitigation, security systems can provide other functions that provide value to your board. Through the integration of sophisticated analytics, a security system can generate useful insights and data that can help the overall business become more profitable and efficient. Many security systems are integrated with Point of Sale (POS) systems and can correlate sales data with video to help you analyze your customer base; analytics can also be used to create a heatmap of a retail space to better understand your customers’ movement patterns and help to rearrange displays or shelving to increase sales. Providing this data to your board can help to reinforce how integral security system functionality is to business success.

    Your board expects the security system to perform its job by reducing risk and threats within the organization, and have the evidence and data it gathers be available for a number of corporate purposes. By demonstrating the greater benefits security can deliver – including protection from liability along with a wealth of business data and insights – you can successfully make a stronger case for the need for a robust, technologically advanced security system. And by showing how you can verify on an ongoing basis that the system is functioning the way it should, without data loss, you can reassure your board that the security system is an essential element of a successful business.

    Topics: Board, cyber, physical security

    John Gallagher

    Written by John Gallagher