My company hosted The Great Conversation in Security in March and quickly followed up with a trip to Las Vegas for ISC West 2017. I have assembled a list of conversations we had at both events. I think they will help to shape 2017-2018 for us and the industry.
The Power of the 360º Program. There is no question that vendors are moving quickly to create a holistic real-time visualization of the entire risk, resilience and security program from situational risk to continuous quality improvement through the management and measurement of key performance indicators. Value generation will depend on this and the technology is now in place to achieve it.
The Insecurity of Security Systems. Executives can no longer sit by the sidelines on this issue that will impact their viability and effectiveness. How we manage the vendor value stream is critical. How will technology vendors ensure that defensibility is part of their design specifications? What guidance will they provide their integrators? What contract models will be needed to protect the client and pay for the support of these systems? What competencies will be needed?
The Door. Who Owns It? And Why Does It Matter? Architects are designing and general contractors are hiring door experts without consulting with electronic access control vendors. Both domains are largely ignorant of the other. Combine that with the fact that many security leaders do not have input into new construction until it is too late, and we then have a recipe for implementation and performance problems.
Analytics. Is the technology ready and are security executives ready to drive analytics into their video surveillance program? What are the barriers? Do we need to redefine “privacy”? Who will leverage this most; contracted SOCs, alarm monitoring companies, or the clients themselves?
Fire and Security. The way we are defining “mass notification” may be constraining our ability to deploy the right technology. Words are important because it may trigger regulatory compliance. In the fire industry, the term mass notification triggers a design specification that may not provide the proper intelligibility. It is important to realize that notification is not sound transfer. It is communication and understanding. So, the industry must determine how we are going to evaluate and benchmark for intelligibility.
Managed Services. With the increasing need to manage budget (cut expenses), do we need to reconsider how we are adding infrastructure (on-premise technology and real estate) as well as full-time employees to manage it? More and more contractors are positioning to help the client with this decision, especially in the Security Risk Management Services (SRMS) market.
Standards. What standards are we tracking and managing to in our programs? How well are we understanding and communicating their value to our programs? What is falling through the cracks because of our lack of resources? What cost or risk is possible due to this inattention?
Drones, Robots and AI. Sensors will take on different forms and functions. We will be wrapping neural decision-making around the data they generate. How are leaders navigating this emerging trend and ultimate change to their organizations?
The Value Stream of Security. The way CSOs and their teams procure products and services determines their costs and their value. Without a fundamental understanding of the value stream of the vendor ecosystem, executives often use old techniques that are no longer relevant to their long-term value. Message to purchasing executives: You are not saving money!!!
We will be seeking guidance from senior leaders in risk, resilience and security to align with these issues and opportunities as well as add to this list. Please keep your input coming in. We will try to post in The Great Conversation in Security magazine on LinkedIn as well.