Maintaining Relevance in a Dynamic Landscape

relevance

Now, there’s the rub! Is the consultant addressing topics relevant to the client’s perceived need, or just addressing his/her area of expertise?

We live in a world where organizations face a diverse array of threats. The daunting task of the Security discipline is assessing the associated risk and prioritizing limited resources to address mitigation. During the discovery process, sometimes I can see clients running through the inventory in their heads… controlled access, monitored access/intrusion, forensic or active video surveillance, hardening networks, improving identity management, information security (etc.). The validity of such an assessment depends heavily on understanding the values and mission of an organization. Protecting assets can take many forms: human, equipment, financial and intellectual resources, even a company’s reputation.

How does a prospective client determine which potential partner can provide the greatest value in addressing their needs?

The key deciding factor should be a demonstrable understanding of the unique environment in which each organization operates and the challenges faced. As specific expertise seems to be required, the understanding narrows to smaller and smaller subsets of potential threats… and relevance slowly diminishes.

Maintaining Relevance

The majority of end-users depend on their partners (consultants/contractors) to help them understand their vulnerabilities and address them effectively. In a security continuum where there are so many competing messages, most value propositions tend become garbled and difficult to evaluate. Let’s look at perceived value defined for a few different disciplines:

Physical Security

Dealing with theft, external and internal violence, unauthorized access to critical areas, vandalism (etc.), a physical security focus brings the tried and true principles of detect, delay and deter concepts. There tends to be numerous vulnerabilities in this category that require experience and training to address. The complexity of designing site, building perimeter and interior security solutions can be difficult to perform effectively, requiring years of experience with cameras, sensors, reader technologies and their integration.

Identity Management

In my opinion, this is a category unto itself. I have run into very few physical security professionals that understand this discipline well. Identity management is NOT printing a photo on an access control badge.  It represents using Active Directory Services to achieve authentication in BOTH LAN/WAN/Cloud data communication and Physical Protection System (PPS) environments.

Hardening Networks

Encryption, Encryption, Encryption. Why are IP networks fully encrypted, while access and intrusion monitoring data infrastructure is not? Food for thought, 128 bit AES encryption is not the highest order of encryption… Is physical access to switches and servers strictly controlled?

Information Security

I am now being asked, “do software apps managing access control use open source code?” Do IP Edge devices (controllers, cameras, etc.) have protection schemes for Denial of Service (DOS & DDOS) Attacks? Does all data communication utilize password protected encryption keys? Is dual authentication available? Can credential technology support network identity management? There is an answer for each of these questions in both network and application environments. Let’s get engaged and begin the discussion…

Relevance is TEAMWORK!

The most difficult transition I had to make in my long career, was moving from an individual to team performance focus (topic for another article). The complexity of leading technologies, latest software and evolving threats demand specialists able to address these areas both individually and together. Any one person working independently is unlikely to grasp the entire picture. The answer is to bring a team together with a basic understanding of these disciplines and capable of coordinating design and deployment to deliver the best solutions addressing the client’s broader needs.

So, which discipline offers the greatest security value? None individually… the best risk mitigation will always come from effective multi-discipline teams!

If you would like to discuss this, or other security topics, please contact him via LinkedIn. Also, take a look at his LinkedIn Discussion Board Security Convergence, or his Twitter feed @DLIPTech.

This site is maintained by Douglas Levin, PSP, AHC, LEED AP. It is intended to be my personal professional blog. The content reflects my personal opinions and observations regarding the Physical Security Systems industry and Technology Sectors. The opinions expressed herein reflect my personal viewpoint/ideas and do not in any way represent the position of any other person, organization or company.

Advertisements

About Doug Levin

Doug is a certified (PSP, AHC, LEED AP), experienced business development professional with a focus on the physical security industry. With a diverse background that includes delivering products & services through multiple channels (manufacturing, distribution, specialty & general contracting), he brings a broad industry perspective that adds greater value for his clients. Having decades of experience with sales engineering and design-build of low-voltage automated systems, he also offers a strong emphasis on technical knowledge and consulting services. His career has included responsibility for: profit & loss, operations and sales management with front-line experience in estimating, sales/marketing, project management and developing security design documents & spec writing.
This entry was posted in Cybersecurity, Data Security, Information Security, Physical Security, Technology and tagged , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s