Are you ticking the right boxes during a Security Survey?

I have done a few security surveys in my life and I feel I need to share some important thoughts.

Whenever I am surveying a facility, I do not consider security components in silos. I do not care if they have the latest CCTV (technology), the most certified security personnel (people) or the best written SOPs in the industry (procedures). They bring no value if they are installed as standalone systems, if they are not integrated with each other and if they are not able to work in synergy to protect the organisation, whatever the industry we are talking about.

I will illustrate this with a comparison. Let’s consider Airport X, serving 20 million pax, vs Maintenance Facility Z. They are located on different continents and face the same medium-high threat levels.

Airport X has purchased the latest and most expensive CCTV system for parts of its perimeter. Do any security personnel monitor it in real time from an Ops Control room? No. Is this modern system integrated with any Intrusion Detection System able to activate the recording once an alert has been triggered? No.

Then I ask myself: why bother spending those $ on a system that does nothing more than provide footage after the incident? Was this objective captured in the procurement planning phase? Maybe yes, maybe not, but most probably, at that stage, the stakeholders wouldn’t have differentiated between proactive and reactive objectives anyway.

So, my conclusion at this point would be that Airport X has just ticked a box. Somewhere in their national or local regulations there was a stipulation to install a CCTV system. So they did. Does it protect against a malicious intruder? No! Does it provide an early detection capability in case an external threat tries to penetrate the perimeter? No! Does it allow a review of boundary penetration footage 5 days after the occurrence? Maybe, if features such as storage, lighting, image quality etc. have been properly set.

Now, let’s consider Maintenance Facility Z. They have purchased a cheaper Video Surveillance System BUT they have coupled it with an Intrusion Detection System (IDS), a Security Ops Center (SOC) manned 24/7 and vehicle patrols running around the entire perimeter day and night. At this location, once the IDS has been activated, the video analytics that the Video Surveillance System came equipped with automatically start recording the Area of Interest, and the alert that prompts the security officers in the SOC allows them to immediately communicate with the patrols in the field. Thus, in a few minutes’ time, the patrols are able to respond. There’s much more to discuss about the response and neutralisation capabilities, but the point is this:

In the case of Maintenance Facility Z, the Video Surveillance, PIDS, communication channels, and vehicles allow the security personnel to apply a procedure in case of an intrusion event. All 3 components of technology, personnel and procedures are working in synergy to protect the organisation. Sure, we can discuss the quality and speed of the response, but the foundation is there. In the case of Airport X, they have a technology, yes. It might tick the Civil Aviation Authority box. Does it do anything in a real scenario? Does it allow some personnel to assess the alert and respond in real time? Are there any procedures describing the steps to take during a penetration incident? No, no and maybe!

This is why, whenever I am surveying an airport or any non-AVSEC facility, I am always looking to figure out how the entire security setup is protecting the organisation. To get a good picture of it, I always look at whether there is any harmony between the security staff employed, the technology they use and the procedures they follow.
