Over the last year, Physical Security Information Management (PSIM) solutions have gained substantial traction and industry analysts, such as Frost & Sullivan are still predicting exponential growth. As someone who has run educational PSIM workshops around the U.S., I have more than just a passing interest in PSIM. While I like to think the workshops have enlightened those attending, they’ve equally enlightened me about the types of challenges organizations face, and how PSIM can help. Here are my insights, predictions and a look at what’s on the horizon for PSIM.
1. The PSIM conversation is changing from “integration” to “impacts”
The common view of PSIM has been that it’s mostly about integration, but that conversation is changing. The real magic sauce of PSIM is what it can help you do, not simply what you can integrate through it. The ability to form a common operational picture, to ensure Standard Operating Procedures (SOPs) are followed, to adapt real-time responses to evolving threats, to record every action and outcome for 360-degree incident debriefing, to learn from mistakes as part of a continuous improvement cycle, to ensure business continuity and regulatory compliance—these are all the real impacts of PSIM.
As the conversation continues to shift, look for PSIM providers to strengthen their solution portfolios to maximize these impacts.
For example, we all know that consistency is the cornerstone of quality control. It’s not just the fact that you responded to a situation that matters; it’s how you responded. It’s PSIM’s embedded automated, adaptive response plans that tell operators what to do next; but these SOPs vary across industries and invariably even across organizations within the same industry. Some PSIM vendors are offering starting point packages with frequently used SOPs. Vendors with deeper vertical market expertise are even offering more tailored solutions coupled with best practices consulting. The ability to provide bespoke or vertical-specific SOPs is one of the nuances that will differentiate PSIM providers in the future.
Another impact area for PSIM relates to regulatory compliance. For some industries (e.g. electric utilities), penalties for non-compliance with regulations can be steep and regulations frequently change. PSIM addresses regulatory compliance on two fronts—first, by enforcing compliance through automated processes (and simplifying process changes when new versions of regulations come out); and second, by automating the necessary reporting to prove adherence to these regulations.
As PSIM brings systems together, incident handling, even day-to-day tasks can be captured and time-synchronized. This allows organizations to generate reports instantly on an ad-hoc basis, or automatically at the closure of an incident, documenting every single decision, every move and every comment. There is nothing wrong with static text documents, but imagine the difference a multimedia report could make. Certain PSIM solutions even provide detailed reporting that incorporates all sub-systems in an interactive way. You can hear the expression during phone calls, the pressure in radio traffic, watch video clips from cell phones that have been sent in and track the real-time positions of mobile assets on a 2D or 3D map as the situation unfolded. These richly interactive reports can be used to demonstrate compliance, as evidence in court or even as a training aid. As organizations discover PSIM’s rich reporting I predict we will see a growing use of PSIM for such applications.