ISJ Exclusive: How can enterprises effectively prepare?

Ryan Schonfeld, Founder & CEO, HiveWatch illustrates how we can secure enterprises with a data-first approach.

You’ve seen the security footage of masked “bandits” smashing through windows, often in a group, and grabbing as much merchandise as possible in a short amount of time before authorities even have a chance to respond. This new wave of organised retail crime often culminates in these kinds of “smash and grab” incidents with response from authorities slowed and hampered by incoming data moving at a glacial pace.

Three-quarters of US retailers reported an increase in organised crime in 2020 and 2021, according to the National Retail Federation. The group says these kinds of shoplifting incidents now cost retailers an average $700,000 for every $1 billion in sales. This can’t be the norm for enterprise risk management efforts for retailers – or anyone else – anymore.

But, more guards aren’t the answer. More cameras aren’t the answer. The answer? Taking a cue from emerging tech companies and applying intelligence to be more proactive.

But I know what you’re thinking: Everyone says their platform allows them to be more proactive. Allows them to see what’s not (yet) there. But therein lies the problem – they don’t yet have the ability to make more intelligent decisions using data fused together to form a more intelligent picture of enterprise risk.

As businesses look to adopt a more proactive approach to enterprise risk management, they must embrace the shift toward increased automation capabilities alongside strong resource allocation – and this doesn’t apply just to retail organisations. This can be a challenging vision for many businesses to adopt, but the outcomes far outweigh the challenges.

Melding disparate systems to gain more insight

Often, the devices and systems that monitor a location – or several locations – don’t do a good job of talking to each other. A camera system may not communicate to the access control system, the intrusion systems may be standalone and then there may be disparate cameras, access control panels and doors and intrusion systems deployed at multiple locations across a geographic region.

Layering intelligence with physical security data

With all the disparate systems collecting tons of data, there’s a high level of complexity when you incorporate intelligence, situational awareness, social media, employee travel and new security responsibilities with remote and hybrid work situations. Advanced technologies that fuse sensors together to combine data from the various monitoring systems and security sensors can provide a fuller picture.

Predicting actions through ongoing monitoring

The smash and grab examples mentioned above have often gone viral and have also spurred copycat criminals to try and achieve the same results. In many cases, these coordinated attacks were planned via social media sites and often take the locations by surprise. These acts expose the limitations of traditional physical security tools. Advanced intelligence that incorporates data points from the dark web and social media chatter may provide on-site security teams with the information they need to increase resources and share information with law enforcement to better protect the locations and not be caught off-guard.

Involving multiple stakeholders

The role of risk management includes more than just security leaders. Business leaders and asset “owners” are involved in the approach of security, as well, and must be included in ongoing assessments related to the risks of an organisation. The unification of resources – internal and external – to address threats becomes paramount to a successful response.

Reducing noise

Centralising the incoming data from various sensors through a Security Fusion Platform™ helps reduce program noise and limits response to only those events that require one. Along with centralisation, automating this process helps maximise existing staffing and time, allowing on-site security to better keep a watchful eye on the environment, focused on what matters most and reducing the risk.

Creating relationships with physical, IT and cybersecurity

After collecting data, enterprise security leaders must combine it with other sources and share the information with the right stakeholders so that the appropriate response can occur quickly and efficiently. For example, when retail security leaders recognise chatter via social media about a widespread “smash and grab” plot, it’s imperative that other retailers are informed and prepared, with local authorities on high alert.

The unification of data into a single pane-of-glass view makes this exponentially more straightforward, allowing various stakeholders to attain the information that matters most. Furthermore, when security components, IT, physical and cyber, correlate, businesses can increase operational efficiency.

Taming the data

The entire goal of a Security Fusion Platform is to address the massive amount of data incoming at any given time. Traditional security programs amass so much data that there’s an inability to organise what’s collected and to provide any real insights. This creates severe limitations to a security leader’s ability to make rapid, informed decisions to keep everyone and everything safe. Making the data easier to digest, identifying the real threats and communicating effectively to stakeholders is what makes data fusion so appealing.

Taking what we’ve learned, creating more threat intelligence and proactively addressing the problems that traditional security programs have will better prepare enterprises by addressing real time risks. Technology that layers these approaches will be the most effective when push comes to shove (or when smash turns to grab).

This article was originally published in the May edition of ISJ. To read your FREE digital copy, click here.