The Security Week That Was: July 13, 2007

Security Superstitions and the School of Fish

Good old Friday the 13th. I'm not superstitious but I know some who are. I have a friend in the finance industry who wouldn't be the type you'd normally pick out of a crowd as the one most likely to be superstitious, but on Friday the 13th, he doesn't leave his house; he doesn't call on clients and he doesn't do anything that has any sort of potential or perceived risk. Were he a security director, I'm sure he'd be chewing his nails off, worried that the strobe lights and sirens would be kicking on any second now and that the facility would be stormed by giant ants, terrorists and disgruntled employees. As it is, I'm off to see the security and business continuity operations for a top technology firm today; I may not be superstitious, but here's hoping I don't sit down on the system panic button when we're in the security control room. After all, it is Friday the 13th.

Travel always does a good job of opening your mind up to think about things in a different way. Maybe it's because you sat for three hours next to someone of a totally different background and culture. Or maybe it's because the coach class seats are so small that the only place you have any room is in your mind itself. As I was heading out across the U.S. last night, two things came to mind in terms of security.

The first came to me when I was in a long queue to go through the TSA security checkpoint. Let me give you a little background. I usually fly out of Hartsfield-Jackson International Airport in Atlanta, Ga. The airport has the distinction of being the U.S.'s busiest (well, sometimes it battles for that distinction with Chicago), so that means a lot of people to go through the security checkpoint. I groaned when I came to the security line on Thursday; it wound its way through all of the serpentine channels that had been put in place. I looked at my watch – 30 minutes until boarding – and my boarding zone (the last one) and figured I'd be OK. To my pleasant surprise, I found the security queue (which British authorities warn could be a potential terror soft target) moving rather quickly. Before I knew it, I was on the other side of the metal detectors, pulling back on my shoes. The lesson from this, I think, is that security – even when it's bulky and prohibitive – doesn't have to be cumbersome. The TSA crew has done a wonderful job on education, so that by the time you slog through a 1,000-person-deep security line at Hartsfield Atlanta Airport, you're not grumbling and sputtering; rather you are prepared and in harmony with security. (Now if you could only get your employees to wear there badges facing forward, things would be in harmony at your facility, right?)

The second insight into security which I had can be distinctly attributed to a late night connection flight to California. As the plane was being boarded, the airline had put on this strange little film that merged psychedelic fractals, spinning diamonds, space scenes and video shot in our nation's oceans. As a fan of snorkeling, I enjoyed the ocean scenes, especially the video clips of fish swimming in enormous schools. The brief video was to be no more than general eye candy for people impatient to get home or to a hotel, but I found myself paying attention to the subtleties of the schools of fish. There were four things which I noticed about fish in schools; and I think each relates to how security programs are run.

1. Fish swim in schools because it gives a perceived sense of safety and it puts the odds on your side that Mr. Pointy-Tooth Shark is going to get Nemo rather than you. Likewise, security people tend to do similar things, use similar technology and always wait on buying that new technology system until they've heard that someone else has already tested it.

2. The fish swimming at the head of the school were probably safer from shark attacks, but they also seemed to have directional problems and have to use more energy to keep moving. To relate that to security, if you want your security to be on the cutting edge, you may be safer, but you better have a deep money drawer, a lot of coffee or Red Bull, and also be able to notice when you've gone the wrong way as you pursue leading security policies and technologies.

3. When fish came out of the school, they made every effort to quickly merge back into the middle of the school. OK, turn that to security – if you fail on compliance, get a bad audit or find a gaping hole during a risk assessment, you need to immediately look at benchmarks and get yourself back into the middle of what are considered security standards.

4. Big fish and sharks don't always pick off the slow fish that can't keep up with the school; sometimes they point their enormous, tooth-filled jaws into the middle of a school of fish, ingesting a dozen at a time. Lesson in security: No one wants to be the slow fish, i.e., the one with the least protected facility; but sometimes doing what everyone else is doing isn't any safer.

Okay, enough superstition, security lines and zany videos from a U.S. Airways flight; I'm going back to the news.

Who Bought 'Em?
The two biggest deals of the week

Ackerman Security of Atlanta, Ga., purchased Impact Security, a nearby suburban security firm. It's Ackerman's first acquisition in quite some time; despite the fact that the company has been no slouch on growth – which the company is proud to attribute to good-old organic sales activity. I was on the phone with Doug Cram, chief operating office of Security Holding Corporation about a week or two ago and was told we should probably get in touch in a week or so. Here's why: This Monday, Security Holding Corp. was announced to be leaving the arms of Homeland Security Capital Corp. and moving into the arms of RFID and incident response systems firm Vuance.

Other News
Is homeland security "more than a feeling"?

Chertoff has a gut feeling something bad is going to happen, and there were some "security insiders" saying there were credible reports that an incident would happen July 10-12, 2007, against U.S. airlines, but America seemed to collectively yawn at these security warnings. I suppose when airlines remain on the second-highest threat level for many, many months at a time, it's a bit numbing. … Megapixel security camera maker IQinVision is starting a certified training program for dealers and integrators. … Mike Miller is the NBFAA's new president. … Johnson Controls landed part of a $2.12 million job to improve security at the Birmingham, Ala., airport.

Finally, a look at our most read stories of the week: