“Why does your car have breaks?” asked Steve Hunt, principal of Hunt Business Intelligence. Not so that you can slow down, he concluded, but rather so that you can go fast in the first place. If you wanted to drive slowly, you could simply go at a low rate of speed. The brakes enable you to go fast by providing you with a mechanism that enables you to speed.
In the same way, enterprise security measures create a good environment for a thriving, agile business, Hunt said during a discussion, “How to Survive in the Security Industry: The Next 10 Years,” at ISC West 2015 in Las Vegas.
Most business units justify expenditures with cost-benefit analyses, Hunt continued. But most everyone in the business world thinks of security as an “annoying” layer of expenditures. A few experts have tried to elevate the conversation by talking about security in terms of risk management, Hunt said.
But to many stakeholders, investing in security involves a cost-cost analysis instead of a cost-benefit analysis. Managers decide to spend so much money now in security to avoid spending so much more money later if something goes wrong, similar to buying an insurance policy.
But good security experts know that security is not about keeping bad things from happening, but rather about enabling good things to happen — like those automobile brakes support an environment where your car may go fast.
One way in which security centers can do this is to make wide use of data collected by security measures. How can information be aggregated and presented in such a way that makes it useful business intelligence?
Hunt suggested that looking at ways to analyze data would prove useful. For example, if a business knows who is in a building, it can use that information to inform decisions around physical access control. In a similar way, a business can manage IT access control by using tools to determine logical access by seeing who is on its networks.
Assessing how the two overlap can provide useful business intelligence.
“When we converge that information, and we can see who is using network assets while they are in the building and who is using network assets while they are outside the building, that is an additional layer of intelligence that magnifies the usefulness of that information,” Hunt said.
In that way, managers can take events from a security system and turn that into information.
Paul Boucherle, founder of Matterhorn Consulting LLC, echoed that sentiment. Right now, security systems collect a great deal of data but businesses could realize more value from that data if they analyzed it to discover trends, Boucherle said. In the past, integrators never faced the challenge of handling this much data.
More and more in the future, “we will take that data and actually analyze it and come back and make recommendations,” Boucherle said. “That’s a unique skill.”
And so the trusted security advisor of the future, who may well be an integrator advising a customer, is one who encourages security with discussions of creating an environment that enables businesses to make strong decisions based on data analysis.
In the past, knowledge, experience and credentials defined your business value, said Boucherle. Today’s markets may cause confusion with changes in competition, technology and buying processes.
“More cooks are in the kitchen making decisions and we don’t know their background,” Boucherle said. But as the importance of collecting and analyzing information for business continues to grow, consultants are going to get a chance to prove their relevance based on their knowledge.
Customers expect information to come from every possible source — sources such as a sensor in alarm system. And integrators can make good use of that information. When they do so, they enable the car to reach even higher speeds.