A primary goal of security should be to anticipate potential incidents and risks in order to take a proactive approach to prepare for and possibly avert potential threats. But while security spending continues to rise, the majority of that spending is dedicated to systems that are designed to react to incidents. A study conducted by researchers at Temple University’s Center for Competitive Government estimated that between 94 and 99 percent of alarms generated by security systems turn out to be false, making spending on these systems inefficient at best.
The emerging science of predictive analysis can help transform security into a proactive strategic partner that plays an integral role in an organizations’ growth. Where traditional systems can generate alarms to alert security staff of incidents in progress, predictive systems analyze a wider variety of data from multiple systems. The goal is to identify statistical trends that provide correlation between elements and alert users that an event is more likely to occur. Predictive analysis can also identify and forecast which policies are effectively enforced and which are ineffective within the current systems.
Despite its power as a security and operations tool, predictive analysis is far from magic. It’s not enough to simply deploy a system and expect it to deliver actionable intelligence. These systems are only as good as the data they can access and the metrics they measure. There are five key elements that go into predictive metric-based security management and ensure organizations have actionable intelligence to improve security and operations. These are:
1. Creation of Effective Actionable Metrics
Determining what to measure requires organizations to identify their goals and the key factors that could influence them. In predictive analysis, metrics often identify either potential risks or opportunities to improve business processes. Metrics for risk identification define Indicators of Compromise (IOCs) for early recognition of deviations from norms that can be used to identify and contain security incidents before they result in loss. IOCs may include changes in access or behavioral patterns (entering a facility at unusual hours or locations, or attempting to access unauthorized areas). For operations, metrics might help the organization identify inefficient processes, measure compliance with company regulations, justify where increased effort can have the greatest effect, and more.
2. Measurement of Policies
Once policies have been identified, organizations must determine how to create metrics for those policies. This includes determining the effectiveness of current security and operational policies, for example the number of visitors who enter a facility during specific time periods, the time it takes to process those visitors and how that effects wait-time can be combined to measure the effectiveness of lobby staffing levels, or the duration of the process for new hires to receive access approval can be used to find areas where automation may have the highest ROI impact. Information generated through predictive analysis can help forecast when problems may arise or whether policy changes are needed to improve security or operations.
3. Using Data to Uncover Predictors
While most organizations have no problem identifying their key goals and metrics, data analysis cannot be effective without consideration of where that data will come from. For effective predictive analysis, more data is better, meaning disparate systems must be connected to provide the volume and variety of data required to identify predictors of potential threats, inefficiencies and other concerns. With metrics in place and data sources integrated, predictive analysis can uncover patterns using subtle factors that may never have been expected and that an organization may not have been able to discover previously.
4. Review and Assessment of Metrics
As improved awareness solves problems and focuses process change, review and assessment of metrics becomes the next step in predictive analysis. Based on this data analysis, metrics may need to be adjusted or new metrics may need to be added to address any unexpected predictors and to respond to new opportunities.
5. Business Value of Predictive Analysis
In addition to risk identification, predictive analysis has the potential to deliver significant business benefits, including increased efficiency and agility, better business alignment and improved reliability. Specifically, predictive analysis can help improve resource management, boost employee productivity, optimize staffing levels, improve service levels to your organization and even ensure compliance with company policy and industry or government regulations. Each of these factors contribute cost savings, and a clear business value.
Using these five key elements, organizations can ensure they have actionable intelligence needed to anticipate and prepare for potential security risks or threats, while simultaneously improving overall operations. The intelligence gleaned from predictive analysis shifts security from a reactive to a proactive process that becomes a key contributor to organizational growth.