Filling the gaps in security information management

There has been a debate within the industry for some time now over what exactly constitutes a true security information management solution. Everyday, security personnel at organizations both big and small are bombarded with data from the security devices they use, be it alerts from video analytic software monitoring surveillance feeds or alarms triggered by intrusion detection sensors. While having more data to work with can be a good thing, the challenge comes in being able to aggregate all of this information into actionable intelligence.

In a panel discussion entitled “Security Information Management Platform: The Death of the Closed System,” at this week’s ASG Security Summit/The Great Conversation event in Seattle, industry experts weighed in on the subject. The panel included; Jeffrey Slotnick, chief security officer for OR3M; Tony Oxford, senior director of business development for General Dynamics IT; Steve Surfaro, business development manager for Axis Communications; Brian McIlravey, co-CEO of PPM 2000; and, Joe Fairchild, security technology program manager at Microsoft.

Slotnick said that, for most people, implementing a physical security information management (PSIM) software platform generally passes as an adequate solution for meeting security information gathering needs. However, Slotnick explained that in reality, a PSIM solution is just one aspect of having true situational awareness. “It doesn’t look at the bigger picture. The essential components of physical security are people, processes and devices,” Slotnick said. “You’re just getting one leg of this with a PSIM.”

The panel’s moderator, Ron Worman, managing director of The Sage Group, compared the current state of standards in the security industry to that of computer software and hardware makers in the 1980s that were initially hesitant to adopt standards, but eventually saw a market boom when they softened their position. He said proprietary, closed systems are one of the factors holding the industry back from being able to reach its full potential as open systems would enable full integration of the data gathered by an organization’s security devices. “Markets get released when proprietary goes out the window,” Worman said.

Surfaro believes that security information management systems will eventually evolve into a search engine-like tool that enables users to get the information they need quicker and more effectively. “The most important thing is how information is consumed,” he said. “As long as you understand how information is consumed, it will get produced.”

Because Microsoft doesn’t have a physical security presence at every one of its’ more than 700 sites around the globe, Fairchild said that document management has been a key element in managing security information at their facilities. In fact, the company used its own commercial-off-the-shelf (COTS) solution called Microsoft Office InfoPath, which gives workers a streamlined way to provide critical data to their central station monitoring facility. This data includes a contact list containing the names of five different people to notify during an emergency. “When you call, you want someone to answer the phone,” said Fairchild.

According to Fairchild, the company had to develop emergency response plans for all of these sites and InfoPath has provided them with a way to efficiently communicate these plans with their various offices and also keep call lists up-to-date. Additionally, because it’s part of Microsoft Office, InfoPath is simple for employees to use and doesn’t require any additional training.

Essentially, McIlravey said that it doesn’t matter where security data resides on a network, but what’s important is that people are able to retrieve it when necessary. “Does everyone need a GSOC (global security operations center)? No, we all need a tool that helps us make the best decisions,” he said. “We want the information. We want to be handfed data.”

The future of security information management may be aided by the evolution of what’s referred to in the IT world as “big data analytics,” which allows users to examine large amounts of information to decipher different patterns. Though it is in its infancy, Fairchild said the technology is already being used by retailers to find patterns in consumer shopping behavior for the purpose of developing individualized marketing campaigns. This capability could provide security departments with an advantage when it comes to determining where more resources should be devoted. Just exactly how this will play out is anyone’s guess, but it’s only a matter of time before the flow of security information becomes more streamlined.