Dr. Bob Banerjee is the senior Director of Training and Development for NICE Systems Security Division, based in Paramus, N.J., www.nice.com.
Over the last year, Physical Security Information Management (PSIM) solutions have gained substantial traction and industry analysts, such as Frost & Sullivan are still predicting exponential growth. As someone who has run educational PSIM workshops around the U.S., I have more than just a passing interest in PSIM. While I like to think the workshops have enlightened those attending, they’ve equally enlightened me about the types of challenges organizations face, and how PSIM can help. Here are my insights, predictions and a look at what’s on the horizon for PSIM.
1. The PSIM conversation is changing from “integration” to “impacts”
The common view of PSIM has been that it’s mostly about integration, but that conversation is changing. The real magic sauce of PSIM is what it can help you do, not simply what you can integrate through it. The ability to form a common operational picture, to ensure Standard Operating Procedures (SOPs) are followed, to adapt real-time responses to evolving threats, to record every action and outcome for 360-degree incident debriefing, to learn from mistakes as part of a continuous improvement cycle, to ensure business continuity and regulatory compliance—these are all the real impacts of PSIM.
As the conversation continues to shift, look for PSIM providers to strengthen their solution portfolios to maximize these impacts.
For example, we all know that consistency is the cornerstone of quality control. It’s not just the fact that you responded to a situation that matters; it’s how you responded. It’s PSIM’s embedded automated, adaptive response plans that tell operators what to do next; but these SOPs vary across industries and invariably even across organizations within the same industry. Some PSIM vendors are offering starting point packages with frequently used SOPs. Vendors with deeper vertical market expertise are even offering more tailored solutions coupled with best practices consulting. The ability to provide bespoke or vertical-specific SOPs is one of the nuances that will differentiate PSIM providers in the future.
Another impact area for PSIM relates to regulatory compliance. For some industries (e.g. electric utilities), penalties for non-compliance with regulations can be steep and regulations frequently change. PSIM addresses regulatory compliance on two fronts—first, by enforcing compliance through automated processes (and simplifying process changes when new versions of regulations come out); and second, by automating the necessary reporting to prove adherence to these regulations.
As PSIM brings systems together, incident handling, even day-to-day tasks can be captured and time-synchronized. This allows organizations to generate reports instantly on an ad-hoc basis, or automatically at the closure of an incident, documenting every single decision, every move and every comment. There is nothing wrong with static text documents, but imagine the difference a multimedia report could make. Certain PSIM solutions even provide detailed reporting that incorporates all sub-systems in an interactive way. You can hear the expression during phone calls, the pressure in radio traffic, watch video clips from cell phones that have been sent in and track the real-time positions of mobile assets on a 2D or 3D map as the situation unfolded. These richly interactive reports can be used to demonstrate compliance, as evidence in court or even as a training aid. As organizations discover PSIM’s rich reporting I predict we will see a growing use of PSIM for such applications.
2. PSIM is being used for more than physical security
While PSIM evolved out of security, organizations are now looking to PSIM to also enhance safety, operations and overall return on investment (ROI).
I’ve seen airports and mass transit operators taking it to the next level—starting with security, but then broadening the scope to safety and even operations. If you think about all of the things that PSIM can do—connecting the dots between different systems, creating the common picture, providing a consistent way to manage incidents and documenting their resolution—then you can begin to envision other applications. For example, an airport can use PSIM to coordinate all of the complex processes and resources involved in managing an emergency landing, other operational scenarios involving gate closures or maintenance issues.
Crowding and long lines can create bottlenecks and frustration in airports, train stations or anywhere for that matter. By integrating PSIM with video and analytics, you can identify overcrowding hotspots and alert operators to take actions to send additional staff, open more lines and so on. Russian rail operator Aeroexpress uses PSIM in this fashion. They also use it to track and report on the number, severity and types of incidents at each location and watch how those stats are trending. Tracking these “pain-points” helps them identify root causes of problems and continuously improve their operations.
And speaking of operations, PSIM can create operational savings too. Organizations are discovering that PSIM isn’t just about protecting people, assets and infrastructure—it can substantially reduce operational costs. For example, Millennium bcp, Portugal’s largest bank, was able to reduce false alarms by 75 percent and cut its monitoring and response costs by 30 percent.
These are just a few examples. I predict we will see many more examples of operational uses and ROI for PSIM in 2013 and beyond.
3. PSIM that’s affordable and accessible to all—it’s not a pipedream
Traditionally PSIM has been perceived as the province of massive complex Tier-1 airports, large seaports, major metropolitan transit operators and sprawling campuses and banks that have hundreds or thousands of office locations. I, however, personally know of a medium-sized airport and a shopping mall that handle over 100,000 incidents per year that necessitate some type of response. Like their larger counterparts, they need to know what’s going on around them; they have a desire to handle these incidents more efficiently and effectively; they want to learn from what they do so they can improve their handling of incidents the next time. As long as these organizations operate a command a control center, then at the right price, they are candidates for PSIM.
“PSIM-lite” offerings are beginning to appear in the marketplace that are tailored to smaller less-complex environments and are cost effective and easier to implement. For these organizations, PSIM-lite solutions offer a fast-track to unified security management, by providing a consolidated user interface, automatic adaptive workflows and smart sensor correlation/analytics for core security and safety systems, such as CCTV (multi-vendor VMS), access control, intrusion detection and fire detection. These PSIM-lite offerings will either be simplified and productized PSIM solutions, or they will be video or access control systems that have been enhanced with the ability to see other video and access control systems as well as improved situation management capabilities.
Further addressing the issue of affordability, I am starting to see customers innovate by effectively becoming a kind of co-operative. The primary customer hosts the PSIM system and then offers it to the secondary customers who get to share selective key resources with each other and run their SOPs on that server. Because smaller users do not need to host their own system, the barrier to entry is low, while the benefits are high. Safe city initiatives, mass transit systems and consulting organizations that lead consortiums are prime examples of those taking this innovative approach.
4. PSIM providers who focus on education will lead the pack
The one thing that consistently comes up time and time again is the need for more PSIM education. Frost & Sullivan first identified a PSIM education gap in a June 2012 market report on the global PSIM market. Coincidently, the report came out just a few weeks after my first PSIM workshop. IMS reiterated the need to improve awareness and dispel confusion about PSIM in its market report, released shortly thereafter.
While there’s no direct connection between either of these reports and the NICE workshops, the conclusions in the two studies probably explain why the workshops are in such high demand. They foster much needed PSIM awareness and education.
It has now been about 10 months since I moderated my first PSIM workshop. Participants have run the gamut from consultants and integrators to utilities, oil and gas, banks, transit operations, cities, entertainment companies, police and fire departments, airports and emergency management professionals. I’ve even run focused workshops for individual companies and for government entities who want to invest in a shared PSIM solution. When we first came up with the concept of the workshops, we knew we didn’t want to do the typical road show with sales presentations and product demos. We were striving for an immersive experience that would educate people and help them open their minds to what PSIM can mean to their specific situation.
The experience of moderating the workshops has also taught me a few things. First and foremost I’ve come to the conclusion that the need for PSIM awareness and education is greater than ever. There is a growing fog of confusion as almost every type of security company out there latches on to the PSIM acronym. Also, most people equate PSIM with integration. Fewer are aware of the host of problems that PSIM can solve and all of the different ways it can transform their security and business operations. It is our job to educate them.
So what is my final bold prediction? PSIM providers who recognize and do something about this will be the ones who lead the pack.
Dr. Bob Banerjee is the senior Director of Training and Development for NICE Systems Security Division, based in Paramus, N.J., www.nice.com. A security industry icon, Banerjee has more than a decade of experience, having held senior marketing and global product management positions with several IT and software firms. He holds a Ph.D. in Artificial Intelligence from the Advanced Research Center at the University of Bristol, England.