Security Science, Technology & The Human Factor
By Rob Kennedy BA (Hons), MSc, MSyI, TechIOSH
SecuriGroup Training & Development Manager
This article was first published in The Professional Security Officer Magazine - click here to read it.
The rapid advances in technology of late have provided some fantastic resources to be deployed. We now have CCTV that can analyse and detect behaviour that differs from the norm, a vital tool in detecting suspicious activity early. Radar Perimeter Intrusion Detection Systems (PIDS) now protect our airports and are moving into the private sector at a pace. But what about the security officer? Are they becoming obsolete?
This article aims to stress that the human element is the salient factor to enable good security.
The security industry in my opinion is a fantastic field to work within. There are so many challenges to overcome, but of course we must ensure that we don't rest on our laurels and allow complacency to kick in. We need to be constantly changing, updating and modifying plans, methods and operational requirements to meet and mitigate the dynamic threats that we face. This would include utilising current technology to aid our operations.
The reason this industry is ever changing is because those that would do us harm are constantly seeking vulnerabilities to maximise their gains. The below causal chain used in security risk management details how threat, vulnerability and risk interrelate:
- Intent (of criminals/terrorists) x capability (of terrorists/criminals) = Threat
- Threat x vulnerability (of victim/building/event) = Likelihood (of attack)
- Likelihood (of attack) x impact (of attack) = Risk
As security professionals we need to be aware of the current threats but also conscious of possible threats. For example, the current use of veh ides as weapons (VAW) has resulted in the innovation of mitigation techniques/infrastructure to counter vehicles as weapons (C-VAW). Our cities/crowded places are now being upgraded with various means to mitigate this risk, some of it is obvious, some only obvious to the trained eye. The race is now on, how long will this attack method be used? When will terrorists be forced to change their methods? What will be the next form of attack? Are we prepared?
The next form of attack is what keeps us security professionals on our toes. A fantastic phrase that I agree with (but unfortunately can't identify who coined it) states that:
"Counter terrorism and crime prevention are two sides of the same coin."
If you manage to get the CT aspect right, the diffused benefits include good crime prevention. This is because criminals, like terrorists, look at the vulnerabilities of the victim/building/event before making a decision to target them. Good security influences those decisions to deter criminals from targeting your site.
How we achieve good security is of course a matter of opinion. The industry as a whole is not as professional as it could be. Those of you that know me understand my feelings on this and that I am passionate about changing this for the better. My advice to budding security professionals is to underpin your planning with theory because believe it or not, security is rapidly progressing to be recognised as a science in its own right. Don't be one of those so-called professionals that justify security plans, deployments and policies with 'just because'.
How do we bring science into this? Security plans should be underpinned by criminological theory that supports situational crime prevention; this would include:
- Routine Activity Theory
- Rational Choice Theory
- Crime Mapping
- Crime Prevention through Environmental Design (CPTED)
I do not want to dwell too much on criminology as those interested can read all about it in a previous article by clicking here.
Of course, technical solutions to aid security operations are advancing rapidly. CCTV has progressed immensely as has artificial intelligence, loT innovations, access control, active access delay systems (AADS) and gunshot detection (GSD) to name but a few technological advances. The benefits of using advanced technologies is not only deemed good practice but also better equips the security officer to perform their role. For example, better and quicker detection enables a quicker response.
Whilst tech firms will advise that they can provide a total security solution, it is worth noting what criminals actually think about technology. The Security Research Initiative (SRI) has conducted much research as to what criminals actually think of technical security. A recent publication by the SRI identified that offenders often see more opportunity when technology replaces security officers.
This is supported by the notion that as technology replaces the security officer, whilst offenders may be detected, the response times are longer if security officers are not dose by. This relates to the security triangle of Detection-Response-Delay (if the delay time is shorter than the response time, we have a vulnerability). This rapidly decreases the deterrence factor, especially as the Police at present are stretched, or as the offenders believe uninterested.
The SRI research also identified that criminals believed that they could find a way around technical security, whilst they feared the presence of the security officer. It would therefore make sense that a converged approach utilising people and technology is required to enable good security. I often employ a security system/model based on a three-tiered system to enable a converged approach:
Step 1: Primary Measures
Create a strong security culture.
Situational crime prevention measures (including technology)
The design, image and reputation of the location This, if done well, sends out a message that aims to deter would be criminals by influencing their decision making (not to target this site).
Step 2: Secondary Measures
Security officer presence
Security product presence (technology) This presence in itself is designed to deter would be criminals by providing a 'capable guardian' (Routine Activity Theory).
Step 3: Tertiary Measures
Verbal challenges (as a customer service approach underpinned by basic behaviour detection techniques)
Coercion: This is the ability of the human element to control the behaviour of visitors and influence and deter would-be criminals by providing and reinforcing the capable guardian (Rational Choice/Routine Activity Theory). This also allows the security officer to signal what is acceptable behaviour to maintain the image, reputation and norms of the environment.
These measures are all underpinned by the criminological theory previously mentioned and can be applied to any security operations, from corporate boilain to music festivals.
Of course, good security relies on good people. I can personally testify from when 1 conduct intrusion tests, that a motivated security officer is far more of a deterrent than one who isn't Of course, motivated staff are the product of good leadership, good follower-ship and good training. It is down to individuals like yourself to ensure that your staff and colleagues are provided with the correct tools, information and training to perform their role.
Why? Because they are the most important factor in providing good security. Don't just take my word for it though: ask the criminals.
For all media enquiries, please contact the SecuriGroup Communications team at firstname.lastname@example.org
SecuriGroup is rated within the top 1% of approved UK security companies by our Home Office regulator, the Security Industry Authority.
Strengthening the society in which we live, and an Investors in People Gold organisation, SecuriGroup provides innovative and expert solutions to our clients’ security needs. A two-time winner of ACS Champion of the Year, our security management approach shapes the future of the industry by combining physical, electronic, and cyber security to augment our service delivery.