The digital transformation of global security

We are in the digital age and technology drives our daily life – massively impacting the security environment, writes Gunar Korm, Senior Manager, Security.

The digital transformation of global security is the next logical step in the change of global economy, while heading towards the fifth wave of the industrial revolution.

Fully automated systems, unmanned robotics and AI dominate communications globally.

We face the need to adapt to new business requirements as customers change their habits and service expectations more into digitally served products. So, business models have to digitally adapt to remain competitive.

The mission of global security is to protect business models against security risks and to protect employees. But, where does global security go? Why cannot it remain in the traditional setting?

To remain capable, technology trends and a digital redesign of services must be applied. Tech-based opportunities require a permanent adaptation but also an awareness regarding the risks that follow the utilisation of new technology.

The pace is faster, the changes more extensive. Digital transformation represents the accelerated integrating of new capabilities to achieve the security objectives.

Today, innovation, technological trends and hype surrounding digital solutions has disruptive effects on social life and global economy in a way that exceeds known scales.

New technology enables a wider data-driven approach for new security service delivery models than in the past.

Technology can take over functional and procedural activities in several security domains simultaneously to achieve defined security objectives.

All security domains are required to join the digital journey. The simple reason? To remain capable of protecting business models.

Through new technology and created data, the return on security investment can be measured so that costs and results of can be presented to the C-Suite precisely.

What are important new trends to know?

Cloud computing – data is not hosted on-premises anymore, but via the internet, transferred and stored in data centres of suppliers. Big data is processed virtually in the cloud.

For example, data of security suppliers and physical security systems is processed online only. Without cloud computing, the size of data could not be handled.

Internet of Things (IoT) – via internet software, hardware and security systems are connected so that activities and processes can be managed online, simultaneously and in real time. The machine-human interface is furthermore replaced by machine-machine interfaces. For example, alarm responses to physical security incidents can be transmitted and analysed via IoT sensors.

Business process automation (BPA) – processes of employees are taken over by digital solutions to reduce time, financial resources or errors. Priority of BPA is focussed on repetitive workflows, where machines can take over the responsibilities.

AI – activities and methods that intend to achieve the same intelligent capabilities of humans or animals by machines. IT provides the technical environment for models that have connections to other disciplines, such as neurology or psychology. The more data is processed and supervision is provided, the better AI will be. For example, a video surveillance system at a facility is enhanced with AI to analyse visual footage with police portraits and compare images with the scan of the facility.

Augmented reality (AR) – augmented reality adds digital information to human sensory perception with technological features while the user does not leave the physical environment. For example, with AR-glasses, a manned guard can receive additional information on the patrol that is conducted or a CPO can receive latest tactical information while working with the principle.

Virtual reality (VR) – within an entirely virtual created environment, built by software and hardware, all physical information is replicated digitally. The user accesses a virtual world that enables a 360° activity according to prepared and programmed designs. For example, security awareness training or risk assessments on assets can be conducted virtually with scenarios other than the physical space.

Digital twin – a digital twin is a digital representation of a physical asset or whole environment that exists in real life. The details of the digital twin can exceed the usual perception of humans by available data and enable educational and learning activities in a much more intensive dimension than working with the physical original. For example, assessing the impacts of security risks on assets can be achieved by simulations more excessive than in the traditional physical way.

Biometrics – this is technology-based authentication by utilisation of an individual’s biological information. The previously stored data is compared with the current data of the biometric sensor to calculate the difference. For example, a face recognition sensor in a camera of an access control system identifies individuals to grant access.

Blockchain – technology utilised as a decentralised database in which data is connected as a block chain of data. It can be used for securing financial assets and tracking financial transfers as a protective measure against manipulation. Blockchain can be used for security monitoring within supply chain security, tracking sealed cargo or preventing smuggling.

New combinations of security services with shared data models can be: (Physical security) guarding – investigations using biometrics, AR/VR and robotics to secure assets, reduce delay times in alarm response or provide overlapping capabilities to manage security risks on-premises; business event security, travel security, cybersecurity and executive protection can also interoperate with AR/VR + AI solutions, when working with a principal or a group of persons to be protected within a setting.

Data-enabled DNA

By using innovative solutions, digital transformation integrates technology to reshape the security service delivery model. It enhances data in all activities of security to create new capabilities in a ‘digital first approach’. The original security capabilities remain as traditional roots. But, digital transformation extends the capabilities so new security processes, digitally operated, are available.

Every security process must be digitally twinned and applied digitally first. Data is the key to understanding the business environment and enlightens the unknown dependencies and relationships that could not be handled successfully in the past.

Data is the critical success factor in the new security model and must be the key asset and starting point of service design. Security governance must not only implement a set of rules, but must also enrich a data approach entirely and encourage security professionals to implement security data first before physical operations are initiated.

Data is like diamonds from a metaphoric perspective. For security, that means data is the new accelerator for every security operation to achieve organisational resilience. The digital transformation is the successful journey towards a data-enabled DNA.

The change of business models and the development of new assets create a new security risk environment. Technology now more extensively provides opportunities for CSOs and CISOs to collaborate based on data and apply a security fusion with common security objectives.

A ‘one-security’ approach, by analysing and utilising security-related data comprehensively across all security domains, can significantly accelerate the transformation; it is also a challenge between parties, with the opportunity to collaborate leading to a win-win for both sides.

The integration of data analytics into all security domains provides a baseline for the learning curve of security professionals. Besides having knowledge in several security domains, the essentials of data science will support the growth of the subject matter experts’ productivity for the organisation.

This engagement of asset protection in the data approach will enable the delivery of results in various ways. Ongoing learning and the growth of a data mindset will be the standard to provide security of an organisation with more impact and visibility. CSOs will help to grow the performance of their teams and achieve new market opportunities compared to traditional engagements. Here are the top ten benefits for CSOs to realise:

• Achieve customer success with new security deliverables
• Provide new business opportunities verified by data
• Deliver security services with more speed
• Save multiple resources, such as costs, time, external data imports
• Support state-of-the-art enterprise security risk management
• Quantify security by collecting data; analysing and applying via data analytics
• Prevent unknown losses due to inefficiencies and a lack of data visibility
• Enable a proven return on security investment
• Implement state-of-the-art business protection in the 21^st century
• Realise the ‘one security’ model by connecting all security domains through data

A CSO can start the success story of his team and build a new security service delivery model by following these actions:

1. Know the change of your organisation’s business model for the next three, five and ten years. This is your guiding pathway to designing a digital transformation strategy aligned with the business
2. Understand your internal customers and who their customers are – both will define the future of your organisation
3. Join transformation initiatives of your organisation and build relationships with other leaders. Learn from wins and losses
4. Envision an innovative security service delivery model. Inspire your team for a new approach. Stimulate and empower your team for new ideas
5. Assess your organisation’s digital maturity and the capabilities of your global security services. Define your processes and the security data involved. Bring structure into your security service
6. Initiate a small pilot project, then go for a larger second project. Include trusted suppliers and work with those who know you and your organisation. Do not oversize in the beginning
7. Build joint taskforces with other security and protective teams, such as information security, cybersecurity and business continuity to collaboratively use security data and build a data lake
8. Create a security transformation lab including data analytics to support the reshaping of your security domains and to enable a new digital culture
9. Implement a permanent scan for new technology trends. This is the food for your security transformation lab and the ignition for conversation
10. Accelerate your speed: Technology changes faster than some typical project plans. Have your pilots completed before new tech trends replace your plans. Do not get outdated!

Every day of waiting and sticking to outdated processes is a day the adversary remains ahead.

Digital transformation enables the prevention of attacks through technology and utilises the machine for standard activities.

Focusing your teams on anomalies and intellectually sophisticated objectives is the new way to deliver security and the future of protecting the business model.