Not too long ago, security operations centers (SOCs) and the enterprise security executives and the staff who ran them were relegated to airless basement offices with little security equipment that did no more than monitor video and manage guards.
Today’s SOCs have evolved into large financial investments that include surveillance and security technologies that enable an enterprise security executive to monitor global threats in real-time, tie in video feeds from other business units, employ analysts who monitor social media, share data with other enterprises, and more. They can form the heart of an enterprise’s operational defense against advanced physical and cyber-attacks.
With this growing importance and role of a SOC, the enterprise security executive’s role is changing as well. Many of today’s security executives may come from IT backgrounds as well as from law enforcement, and they have direct experience of using technology as it relates to security. This naturally leads them to look for solutions that leverage technology to automate processes and build efficiencies in response. To achieve these types of efficiencies, the IT industry has always looked towards solutions that have the power to aggregate multiple disparate systems into a single operational view. To fully realize and effectively implement the best security solution for their SOC, the selected approach now frequently includes a Physical Security Information Management (PSIM) solution.
Implemented well, a PSIM can provide outstanding support for a broad range of security and business objectives. But, it is not without potential pitfalls. For example, setting up the proper inputs, operating procedures, and decision factors will require executive-level buy-in and support from both the senior staff and middle managers in multiple departments. In addition, the system itself will require set up and ongoing support from the organization’s IT team. The IT team is in a unique position to provide guidance and problem-solving support that can make or break the implementation. And of course, management must be clear on what the standard operating procedures and policies will be. It is impossible to implement a system to guide the response to trigger events if you don’t already have clarity on what those responses should be. Once a security executive has the support of the broader team, and clarity on the desired SOPs, then the stage is set for a big improvement in operational clarity, efficiency and effectiveness.
PSIM Criteria
PSIMs have emerged as the new control platform for total management of SOCs, due to their ability to integrate previously disparate access, video, notification, building operations and more onto a unified control and management platform.
But how do you pick a PSIM?
When selecting a PSIM, look for criteria such as easy operation, automated features and functions, open architecture for easy integrations, standardization, intelligence, stability and comprehensive metrics reporting. These criteria will assist a security executive in selecting the right PSIM, and provide them with the opportunity to demonstrate their expanded roles within an enterprise beyond conventional surveillance and security operations.
In a SOC, it’s easy for operators to become overwhelmed by the volume of alarms generated by the list of surveillance and security systems deployed. Best-in-breed PSIM systems solve this common problem with automation by identifying and automatically responding to non-critical events. This provides operators with the time and space they need to focus on important events that require human intervention and decision-making. Whether the response is automated or requires operators to act, all events are logged and audited, making them available for management reporting and information analysis. More important, the most critical events won’t get lost in the shuffle and will receive the full and timely attention they warrant. The enterprise security executive, in turn, can provide the C-suite with specific metrics about how security events were effectively and timely mitigated.
The ability to integrate multiple disparate systems into a single, centralized interface is a primary benefit that advanced PSIM systems offer that are documented to save money for an enterprise. The architecture of the solutions allows them to support and bridge the gap between a wide range of integrated systems over multiple physical locations, saving time and money for an enterprise.
To fully harness and maximize the power of integration, PSIMs must be built on open architecture that provides security executives with a standard tool for integrating many systems that is simple, easy to maintain, cost-effective and scalable. The flexibility to seamlessly integrate with virtually any solution from a variety of manufacturers – including legacy systems – saves money, streamlines operations and provides more complete information for incident response. But the nature of the systems that need to be integrated is changing too – they go beyond traditional physical security systems like video, access and alarms. More than ever, security executives are looking to integrate with business risk alert systems, building management systems, back office CRM systems, IT asset management platforms, ticketing and workforce automation, mapping and GIS platforms, and the list continues to grow. Advanced PSIMs don’t replace all the functional operations of these subsystems but become the central hub for coordinating response to events, pulling critical data from these various systems and posting updates to others.
This triage and response provides incredible value to an organization as the SOC, and in turn the security executive, become the 24/7 hub of all operational event coordination across the organization.
In addition to situational awareness, PSIMs can also analyze the data they capture to provide deep insights and intelligence about security, business and overall organizational operations, both in real time and over extended periods of time. Armed with this information, a security executive can better prepare for events and identify any potential changes that could improve response and staff adherence to SOPs. Incidents can be mitigated, and the security executive can show leadership on specific events.
Further, PSIMs should be capable of automating and standardizing the creation and initial completion of audit, legal and compliance reports within an incident management system. This generates significant savings in personnel time and ensures not only that the initial report follows a defined company standard, but also that all incidents are reported correctly.
Enterprise security leaders that place an emphasis on these important criteria when selecting a PSIM can ensure that they will reap the benefits of best-in-breed solutions that will meet their specific needs. With the ability to seamlessly integrate previously disparate systems into a unified control and management platform with automation and standardized interfaces, today’s advanced PSIMs deliver ease of use, faster and more effective response and most important, enhanced security.