Post-Pandemic Enterprise Security: Intelligent, PredictiveBy Alexis Langagne Fasén | Mon, 10/12/2020 - 09:23
We all want the world to be a safer place, and we all want to make our workplaces safer too: safer for individuals, corporations and nations. But the pandemic has raised new challenges for enterprises and organizations regarding how to provide much greater “security” and “safety” than what we were used to, and to accomplish this with the right balance of risk mitigation and cost.
With this objective in mind, I provide what I call “the 5 Golden Rules of Post-Pandemic Enterprise Security,” which is all about building intelligence and prediction capabilities into your current organization’s security system.
Background: as we look at how security is provided to enterprises across Latin America, and specifically in Mexico, we still have a dominant “static” (and physical) model, meaning that security systems, in general, are reactive and highly dependent on the physical location. That is, manned guarding is the dominant security model across organizations. Ideally, we are talking about highly trained individuals who do physical inspections of locations, identify any suspicious activity and react to any relevant incidents.
Just as with the commonly used model of manned guarding, the most common electronic security systems for surveillance are location-focused and not fully integrated into the overall security architecture of an organization. Whether we are talking about CCTV cameras, access control systems or any type of intrusion detection system, most electronic security devices are attached to a location without internet capabilities that allow them to exchange information back-and-forth across the security system.
As mentioned, building these safer workplaces is all about developing intelligent and predictive security systems. Here the 5 Golden Rules on how to accomplish this goal:
1. Digitize and automate – first you should digitize all the data and process steps that you can. Data such as documents, audio and videos (e.g. from CCTV cameras) should be digitized and safely stored (but also made easily accessible) so they can be used anytime in the future. This will be key to a more proactive approach for the security system within your organization. As you digitize, it is also key that you leverage technology to automate some of the processes that today are totally (or highly) manual and prone to error; for example, some of the surveillance performed by guards today could be performed in combination with a remote control center, or “Security Operations Center” (SOC), where some of the process steps are performed automatically by systems running analytical software in the SOC or by expert SOC operators. So, automation is not eliminating the human factor at all. It is finding the optimal combination of technology and the human factor in a process that enables more proactive security.
2. Provide safety beyond security – today, the processes to provide enterprise security (to people, assets and reputation) and safety (to employees, customers and suppliers) need to become more tightly-coupled, as we have learned with the pandemic. Therefore, every aspect in the security system that “touches” people needs to become touchless; for example: access control systems that use face or iris recognition, thermal cameras to determine individuals who are potentially not healthy, hand-held devices combined with audio capabilities to monitor and manage physical distance or occupancy levels in a conference room.
3. Integrate the whole system – the key aspect of a security system that is evolving to provide proactive capabilities is the full “Integration” of human and technology tasks into an end-to-end process that minimizes risk for your organization, at the appropriate cost level. The end-to-end process should meet all the regulatory and legal requirements and ideally should also incorporate best practices from other organizations around the world (i.e. your customers, partners or even competitors).
4. Build intelligence – when you have all sorts of data being captured (videos, audio, documents) and shared by IoT devices and people (guards, SOC operators, inspectors), storing it safely is not enough; you need to leverage the opportunity to apply advanced data analytics such as big data techniques to first analyze the past – understand what happened and how it happened – and eventually understand why an incident happened. This is a learning process and the foundation to building Intelligence.
5. Be predictive - over and over we have learned that the more you focus and invest on preventive actions to mitigate potential risks, the lower overall risk you will have – and also the lower cost of “damage control” in the case of incidents versus a reactive security system. Now you need to take proactiveness to the next level, which means building a predictive system. When you leverage the security system’s intelligence, you can identify potential incidents even before they happen (predicting based on their probability). Based on that information, you can determine the specific preventive actions to be taken, either by IoT devices or guards, inspectors or operators.
As we plan for this post-pandemic era, organizations need to be innovative to build these safer workplace environments that are necessary for the continuity and future of our businesses. To accomplish this goal, enterprise security needs to go “intelligent and predictive!”