“We have our physical security program well under control with all risks in check,” said no security manager, ever.
Aside from the demand of security responsibilities it is human nature not to be satisfied with the status quo, and especially in our current society. If that were not so, there would be no commercials on TV, radio or (insert your favorite social media). Physical security is no different. Sure, the motivations are different and likely appropriate, but the push for the next great thing is still there. If I just had that AI embedded, video facial recognition, biometric access, false immune, self-monitored, automated enrollment… uh, what was I talking about? Oh yes, distractions. Ok, that may be a very sarcastic view of new technology, but I think you get the point. Before I alienate my manufacturing friends, let me say that progress and technology advancements are a good thing, and you definitely don’t want to be herding dinosaur bones, but where is the balance? Let’s take a look at the big picture of physical security management through the lenses of three common pitfalls, and then we’ll look at the well-focused approach.
Lens 1. Wide-angle
This approach is many times called the whack-a-mole approach where you try to engage everything that pops up with the same priority. This is also the mile-wide inch thick mentality. These managers cover a lot of territory, but not very effectively. What ever you call this approach to new technology engagement, the results tend to be a lot of money spent with very little value to show for it. There is not enough effort put into implementation, training and process development, and even if the new solutions somehow managed to remain in operation, they don’t meet their full potential. This risk is that everything has holes and vulnerabilities because it never matured in operations.
Lens 2. Telephoto
The other end of the spectrum is the approach where security managers spend their time chasing “bleeding-edge” technology, but never pull the trigger because something else comes along before the last one matures. Squirrel! If a new solution does somehow get implemented, again, it has not been developed and established well enough to become a valuable part of the operation, and usually presents more risks that it resolved.
Lens 3. Hey, the cap is still on!
This security manager is oblivious and just keeps plugging along with what they have. They may have everything operating at top performance, but the world has passed them by. The risk in this scenario is that anyone can buy a hack for the old technology and process can’t plug the holes anymore. Lack of time or budget are usually the excuses given, but sooner or later an event will occur that will cost even more time and money.
Now let’s consider a well-focused, varifocal approach.
The balanced security manager is not distracted by the next big thing, nor are they scrambling to address all challenges simultaneously, but they are trying to be pro-active. Wisdom tells them to evaluate their security environment, identify and prioritize the risks and then find the most effective approach to mitigate each risk appropriate to the need. They identify the needs then identify the solution, rather than buying a tool and then trying to find the problem to fix with it. Sometimes new technology is the best solution, but other times it may just require refitting existing resources with new processes. In both approaches, developing a thorough program that defines objectives, provides training, documents implementation procedures and generates accountability will win the day.
There are times where a new product will present itself as a possible solution to a known operational challenge. In this scenario, it is appropriate to investigate that opportunity based on the need and priority that has already been identified. It must not distract from higher priorities.
It can be tempting to try and do all this work internally, but that is not always the best approach. Engaging an outside, non-biased resource can help see through the day to day routine, and will have time and experience to help develop these programs, ensuring the highest level of success. Advanced Security Consulting can help you see the big picture and focus on what is important for your security operations.