Here’s the deal.
Budgets are tightening or staying flat. The recent State of the Industry report from Genetec found that 34% of respondents said their budgets were going to remain flat, while 16% said they were expected to decline. This leaves security teams wondering how they can optimize their programs while keeping budget considerations top of mind.
In our latest webinar, we were joined by Bobby Louissant, Head of Technical Partnerships, Global Security, at Meta; Rebecca Sherouse, Director of Account Management & Security Advisory, at HiveWatch; and Gerardo Iglesias, Director of Physical Security, at Molina Healthcare. The discussion was moderated by Jon Harris, Sr. Product Manager at HiveWatch.
The group talked about the current landscape in physical security, driven by the need to maximize and streamline existing investments and operations to meet budgetary demands being placed on the organization.
Here are three considerations you should make when optimizing your security program with budget constraints in mind:
1. Start with an Assessment
You can’t begin to optimize your security program without knowing what you have. You need to take a closer look at the data that’s coming in, the risks you’re addressing, and whether or not there are segments of the budget that require analysis.
“The initial physical security assessment is critical,” said Iglesias. “Not every site should be cookie cutter…your security program should vary based on the business needs of the site along with what the ultimate goal of that site is there for. If you’re in a high-crime risk area, along with a potential history of incidents, then more guards, cameras, and other technology may be necessary. There are ways for us to take a look at the overall design of each site and that’s where the spend occurs – and where savings can be found.”
Similarly, Sherouse pointed out that the security spending for pre-pandemic may need to be re-evaluated as hybrid and remote work has shifted, which might free up additional budget that can be made available for technology advancements.
2. Involve Stakeholders at all Levels
Engaging stakeholders at all levels provides security teams with the ability to identify potential roadblocks to success related to physical security program implementation. The panelists agreed that building community within the security team by encouraging leaders to listen to the concerns of operators and sharing those with executive leadership can help build morale. Doing so can also reduce turnover, which can be a drain on resources and affect budgets.
“Leadership has to establish a baseline with their teams and an understanding of what the move forward strategy is about,” Louissaint said. Without it, he stressed that teams aren’t empowered to make cost-cutting decisions that are aligned with overall business goals.
“It’s more of a community approach rather than top-down,” he said.
Molina Healthcare sites are often in less affluent areas, Iglesias said, which makes it important to weigh the input from employees about what they need to feel safe going to work each day. “It’s not just you (as a security leader) approaching the finance committee; it’s you with the stakeholders that support your vision that ultimately translates to better employee morale for those employees directly affected,” Iglesias said.
“A lot of successful security leaders often partner with business continuity teams and crisis management teams to understand the various exposures of their assets to risk,” Sherouse added. “Through that, they start to understand the risk level of various assets. Taking a risk-based approach to securing the business is a great first step.”
3. Incorporate Technology Advancements
Once a security program combines risk assessments that affect the business, as well as input from key stakeholders, then decisions can be made about how to provide more comprehensive data-driven decision-making for security leaders with technology.
“One of the best resources we have in this industry is the data,” said Louissaint. “Using that data is probably the best resource you have as a security leader to position your business in a manner where you can be prepared, or having to cut costs.”
“I find that the rip and replace cycle that we all have found ourselves in our career is brutal and very difficult to justify to finance. You're only going to get one shot of going through that justification cycle,” Iglesias said. To combat the cycle, he recommends layering artificial intelligence (AI) technology that allows operators to better manage incoming alarms by identifying false alarms, finding the root cause of the alarms, and being able to respond quickly and efficiently.
“Technology that leverages AI isn’t inexpensive, but there’s an ROI associated with it, especially in the security industry, where we're constantly being asked to do more with less resources,” Iglesias said. “It's almost as if you have no alternative but to really start leveraging the technology that you've already deployed.”
"If you add up all the hours that our operators spent just triaging a false alarm, it adds up to a considerable amount, and you can use that data like that to justify a larger investment in a tool that will help you supplement some of those issues." - Bobby Louissaint, Meta
Security teams are taken a lot more seriously when risk to the business can be both qualified and quantified, Sherouse pointed out. “How do we quantify threat intelligence? How do we quantify the attractiveness of our particular assets? And how do we measure the controls that we have in place, including device data, sensor data, all of that good stuff to give an accurate picture of our exposure that sets the groundwork for optimizing security programs?” she said.
New advancements fall into the following buckets, according to Sherouse: reducing administrative burdens, enhancing how we collect data, and then optimizing that data.
-
Reducing administrative burdens: The mobile-first management and remote access technology advancements can be found here, even something as simple as mobile credentials. There’s a tremendous amount to be said for the administrative burden that has been decreased with these advancements and continuing to look towards technology that can help us to do that in security teams is a really important one.
- Enhancing how we collect data: This encompasses the use of low-cost movable sensors that are emerging in the market; things like proximity sensors, lower cost technology to collect different data which can be an alternative to the rip and replace approach. These investments may not be long-term, but they can drive a ton of value and help gather more data for security teams.
- Optimizing the data: System centralization and ingesting disparate security devices and data from your cameras, access control, environmental sensors, and more allows leaders to visualize incoming data in a meaningful way. This is becoming a game changer. It takes some of the highly manual, time intensive tasks from operators, like clearing mass amounts of false alarms, and redirects these individuals to perform more meaningful tasks for the organization that provide more value to the business.
“If you’re dealing with the pressure of cost reductions today, it’s going to be hard to purchase an AI solution, but you should plan to work toward this goal,” Louissaint said. (Hint: The HiveWatch ROI Calculator can help you figure out how the platform can save your organization time and resources. Contact us for more info.)