Trends Column / Security Leadership and Management / Columns

Getting Realistic Results from Security Technology

As the security industry heads to the largest technology trade show in the world, ISC West in Las Vegas, it is a great time to do an inventory and reflect on your security technology investments and systems

As the security industry heads to the largest technology trade show in the world, ISC West in Las Vegas, it is a great time to do an inventory and reflect on your security technology investments and systems. In short, what are you doing with them and what are you getting from them?

There will be more than 1,000 exhibits at ISC West plus another 100 or so new technologies and solutions presented in hotel suites and meeting rooms off the show floor. Robust discussion about the movement toward IP, mobility and the cloud will buzz across the show floor, as it should.

But connecting the many amazing leaps in efficiency and effectiveness to your security and risk management program will still be a daunting task. At issue are your strategic initiatives that include supporting enterprise business goals, securing people, assets and infrastructure and moving your program from response to prevention to being predictive.

How do you connect all of those dots?  For example, how does the incredible new IP HD megapixel camera that a manufacturer launches at the show and sells through your system integrator translate into intelligence to predict and prevent bad things from happening? Clearly, each and every component is a piece of the security solution to help respond, prevent, predict or recover from an event.

While it is a race of measures and counter-measures, there is no question that GSOCs, CyberSOCs, analytics, intelligence gathering and analysis are having a major impact on improving an enterprise’s ability to detect and mitigate threats, as well as the ability to be resilient and recover from vulnerabilities. As our cover story exemplifies, Ed Goetz and the leadership team at Exelon are gathering, analyzing and acting on information to predict events, not just prevent or respond.

And they are not the only ones moving in this direction. ADP’s CSO, Roland Cloutier, explained in an interview with Security: “We developed a new risk and privacy roadmap. Core to the plan is the Trusted Platform Security Initiative, a global governance, risk and compliance technology platform for our operations workflow. We were able to look at business operations and how they responded in the past to different events. With the new platform, we looked at major applications such as fraud detection, workforce safety and compliance. From an ROI standpoint we asked, ‘Can we detect more events now than in the past?’ And we measured how we would apply information to prevent events versus how we would deal with post-event response in the past. Finally, we evaluated the total load of each metric. The business case outcome was very favorable for this investment.”

You may have seen IBM’s predictive analytics advertisement for law enforcement and public safety in which a thief arrives at a convenience store only to find the police already there, waiting for him in the parking lot. While that’s a nice concept, the state of the technology is not quite there yet. What the IBM Smarter Cities Operations Center does do is “synchronizes and analyzes information gathered from diverse data-collection systems. Patterns revealed through analytics help decision makers anticipate – rather than just react to – problems, and dispatch first responders to the scene faster. The results, such as predictive policing, mean better citizen-centered service...whether minimizing inconveniences, overseeing emergencies or stopping crime.”

After the Boston Marathon bombing, Boston law enforcement leveraged their newly implemented IBM Operations Center to gather disparate, voluminous data and use analytics to derive new insights and uncover trends. For example, during the search for Dzhokhar Tsarnaev, numerous phone tips and social media posts were fused through the operations center and efficiently analyzed to support the search. While the move toward predictive operations is improving with each iteration and highly promising as a cost effective risk mitigation tool, in the end it was an observant resident and cautious police work on the ground that led to his capture.

But ultimately, it will be technology and the ones and zeroes that calculate and chronicle our lives to predict a book we would like to read on Amazon, an item we are inclined to purchase through Google, or a store we were stopped from robbing by IBM, that will move the profession toward risk management and reduce the dependence on incident response. And the technology solutions demonstrated at the ISC West trade show or presented to you by your systems integrator are important to understand and consider in your strategic planning for the next generation platforms of GSOCs and CyberSOCs.  

 

Please join us at the Security 500 Conference in Palo Alto on April 29. Registration details are at www.security500.com 

www.security500.com

Did you enjoy this article? Click here to subscribe to Security Magazine. 

Recent Articles by Mark McCourt

You must login or register in order to post a comment.

Multimedia

Videos

Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.

Podcasts

Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

Security June 2015 issue cover

2015 June

In this June 2015 issue of SecurityIs the security director business’s new “corporate rock star?” Find out how CSOs can become the new leaders of their enterprises through mentorships, partnerships and creatively adding business value. Also, learn how security professionals are training employees in cyber security through games. And why are deterrence and detection so important when it comes to thwarting metal thieves? Find out in this issue.

Table Of Contents Subscribe

Body Cameras on Security Officers

Body cameras are being used increasingly by police in cities across the U.S. Will you arm your security officers with a body camera?
View Results Poll Archive

THE SECURITY STORE

Effective Security Management, 5th Edition.jpg
Effective Security Management, 5th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

STAY CONNECTED

Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.