Filling the gaps in security information management

March 8, 2013
Industry leaders discuss what the future holds for the flow of security data

There has been a debate within the industry for some time now over what exactly constitutes a true security information management solution. Everyday, security personnel at organizations both big and small are bombarded with data from the security devices they use, be it alerts from video analytic software monitoring surveillance feeds or alarms triggered by intrusion detection sensors. While having more data to work with can be a good thing, the challenge comes in being able to aggregate all of this information into actionable intelligence.

In a panel discussion entitled “Security Information Management Platform: The Death of the Closed System,” at this week’s ASG Security Summit/The Great Conversation event in Seattle, industry experts weighed in on the subject. The panel included; Jeffrey Slotnick, chief security officer for OR3M; Tony Oxford, senior director of business development for General Dynamics IT; Steve Surfaro, business development manager for Axis Communications; Brian McIlravey, co-CEO of PPM 2000; and, Joe Fairchild, security technology program manager at Microsoft.

Slotnick said that, for most people, implementing a physical security information management (PSIM) software platform generally passes as an adequate solution for meeting security information gathering needs. However, Slotnick explained that in reality, a PSIM solution is just one aspect of having true situational awareness. “It doesn’t look at the bigger picture. The essential components of physical security are people, processes and devices,” Slotnick said. “You’re just getting one leg of this with a PSIM.”

The panel’s moderator, Ron Worman, managing director of The Sage Group, compared the current state of standards in the security industry to that of computer software and hardware makers in the 1980s that were initially hesitant to adopt standards, but eventually saw a market boom when they softened their position. He said proprietary, closed systems are one of the factors holding the industry back from being able to reach its full potential as open systems would enable full integration of the data gathered by an organization’s security devices. “Markets get released when proprietary goes out the window,” Worman said.

Surfaro believes that security information management systems will eventually evolve into a search engine-like tool that enables users to get the information they need quicker and more effectively. “The most important thing is how information is consumed,” he said. “As long as you understand how information is consumed, it will get produced.”

Because Microsoft doesn’t have a physical security presence at every one of its’ more than 700 sites around the globe, Fairchild said that document management has been a key element in managing security information at their facilities. In fact, the company used its own commercial-off-the-shelf (COTS) solution called Microsoft Office InfoPath, which gives workers a streamlined way to provide critical data to their central station monitoring facility. This data includes a contact list containing the names of five different people to notify during an emergency. “When you call, you want someone to answer the phone,” said Fairchild.

According to Fairchild, the company had to develop emergency response plans for all of these sites and InfoPath has provided them with a way to efficiently communicate these plans with their various offices and also keep call lists up-to-date. Additionally, because it’s part of Microsoft Office, InfoPath is simple for employees to use and doesn’t require any additional training.

Essentially, McIlravey said that it doesn’t matter where security data resides on a network, but what’s important is that people are able to retrieve it when necessary. “Does everyone need a GSOC (global security operations center)? No, we all need a tool that helps us make the best decisions,” he said. “We want the information. We want to be handfed data.”

The future of security information management may be aided by the evolution of what’s referred to in the IT world as “big data analytics,” which allows users to examine large amounts of information to decipher different patterns. Though it is in its infancy, Fairchild said the technology is already being used by retailers to find patterns in consumer shopping behavior for the purpose of developing individualized marketing campaigns. This capability could provide security departments with an advantage when it comes to determining where more resources should be devoted. Just exactly how this will play out is anyone’s guess, but it’s only a matter of time before the flow of security information becomes more streamlined.

Sponsored Recommendations

NYPD launches Knightscope security robot service in Manhattan subway

The first two weeks will be spent on training, configuration and setup protocols for the autonomous robot to navigate followed by patrol activities between the hours of 12:00am...

Hornetsecurity releases "Microsoft 365: The Essential Companion Guide"

Microsoft 365: The Essential Companion Guide is a comprehensive resource that provides an in-depth analysis of Microsoft 365 to help users maximize their efforts when using this...

SecurityDNA podcast recap: discussing digital twins, venture capital and smart cities with security industry futurist Jon Polly

Jon Polly utilizes his knowledge of past security trends to analyze the impact that regulating artificial intelligence and the expansion of digital twins will have on the industry...

One in six attacks on U.S. government offices linked to LockBit

The report revealed that many ransomware threat actors are no longer going after "big game" targets, instead focusing on smaller organizations they presume to be less well-defended...