Industry Expertise

In Physical Security, Data-driven Risk Assessments are Incomplete Without Device Data

As the global threat landscape evolves and security resources remain limited, security leaders have had to re-think historic approaches to security risk assessments to meet the demands of unpredictable threat environments and ever-changing business needs.

Forward-looking security practitioners are now leveraging data to conduct quantitative, data-driven risk assessments, reducing the need for global travel among their teams and resulting in real-time risk data that has a meaningful impact on security operations, business investment, and resource allocation.

As security functions take this leap and teams begin to leverage multiple streams of security data to measure risk, one pain point is proving harder to overcome than the rest: device data.

Device data tells security practitioners what kind of technical security controls are in place and how well those controls mitigate against any variety of security threats. While a standard site assessment might determine whether or not a site is equipped with a type of security system, it is only with device data that we can determine how well those systems are functioning. Without actionable device data, it is nearly impossible to accurately measure risks posed to company assets.

As HiveWatch teams work with our customers to untangle device data, some key trends have begun to emerge.

Here are the three most common reasons device data is difficult for security practitioners to leverage:

  1. Disparate security devices are the norm

    As many security leaders will tell you, it is not uncommon to have multiple security systems and device types monitoring assets at the same organization. Security teams often inherit disparate security systems across their portfolio, which results in noticeably different reporting capabilities and data types available from those devices. This variance in device type and subsequent data output makes it a challenge to collect, standardize, and analyze device data in meaningful ways.

  2. Devices are not appropriately configured to collect relevant data

    For security practitioners with less technical knowledge, it is easy to assume that security devices are configured to collect as much relevant information as possible. This is not always the case however, and devices often require unique configurations to optimize data collection and reporting capabilities. Security teams may be losing out on years of impactful security data if devices are not appropriately configured at installation.

  3. Systems data is unstructured and overwhelming

    Device data, in its unstructured, raw form is nearly impossible to manage without the support of technical resources to clean, query, and visualize the data. While there are proactive steps security professionals can take to ensure device data is usable, teams looking to leverage this data will always require the support of analysts to facilitate meaningful, quantitative security analysis on otherwise unruly datasets.

"Security teams often inherit disparate security systems across their portfolio, which results in noticeably different reporting capabilities and data types available from those devices. This variance in device type and subsequent data output makes it a challenge to collect, standardize, and analyze device data in meaningful ways."

As the Director of Account Management and Security Advisory at HiveWatch (and self-appointed risk assessment nerd) I have seen how HiveWatch software not only enables end-users to effectively do their jobs, but also how designing HiveWatch software with clean data collection, analysis, and reporting functionality has allowed security teams to leverage their own device data far beyond its obvious applications.


If you are interested in learning more about how HiveWatch is helping organizations wrap their arms around device data, please feel free to reach out or request a demo here.

Topics: GSOC, Machine Learning, Multisensor Resolution, Security Fusion Platform, Technology, Cloud technology

Rebecca Sherouse
Rebecca Sherouse

Rebecca Sherouse is the Director of Account Management and Security Advisory at HiveWatch where she is focused on providing end-to-end lifecycle account management support to customers. In addition, Rebecca is responsible for providing bespoke security consulting services to customers to support best-in-class technology adoption and expansion aligned with a risk-based approach to security program development. Rebecca has a bachelor’s degree in International Studies with a focus in Global Security and Latin America from the School of International Service at American University and is fluent in Spanish.

Share:

Related Articles

Physical and Cyber Security Teams Still Need a Cohesive Vision

It’s not a secret that physical and cyber security teams are still operating in completely different spheres. And in many regards, cybersecurity..

HiveWatch October 20, 2022

Embracing New Technology in Physical Security

Companies moving to the Cloud As companies reflect on the continued impact of the COVID-19 pandemic and subsequent changes to business operations,..

HiveWatch September 22, 2022