How Security Operations Centers Can Help Mitigate Physical Security Risk
Physical security incidents cause staggering levels of material damage and cost organizations big bucks. In the construction industry, for example, businesses lose between $300 million and $1 billion every year due to the theft of equipment and other high-value materials, according to data from the U.S. National Insurance Crime Bureau.
The question for those organizations is what’s to be done to ensure vulnerable physical assets and people remain safe from malicious actors. The answer might take you aback: building an integrated Security Operations Center (SOC) will undoubtedly improve your corporate and physical security posture.
Indeed, as you may know, SOCs have sprouted up in the cyber detection and response space: since they’re always-on operations, cyber-inflected SOCs help ensure timely detection and response, which, in turn, generate downstream financial benefits, as enterprises save an average of $1 million by containing a data breach to under 30 days. But SOCs are applicable to physical security management, too.
Why? At heart, they simply provide a platform for detecting and reacting to security incidents, irrespective of the nature of the incident: physical, informational, or any combination of the two. Other primary duties include regularly monitoring and analyzing the organization’s security posture, as well as detecting, investigating, responding to, and reporting on security incidents.
The SOC itself is just a facility that houses an organized, highly skilled security team, heavily reliant on sophisticated technology and well-honed processes to achieve topline security objectives for the organization. The security team responsible for carrying out the SOC’s core mission will, of course, vary based on the nature of the mission in question. For more cyber-inflected SOCs, an SOC manager heads up operations, overseeing engineers and security analysts. Physical security-inflected SOCs, on the other hand, would house more facilities personnel and security managers. In either context, the SOC team would work closely with Incident Response to coordinate response to security incidents.
What else can SOCs do to improve physical security outcomes? Well, SOC teams continuously manage known and existing physical security threats, based on dynamic operational security risk assessments. SOC teams also work assiduously to identify emerging risks to physical assets and people. What’s more, centralizing physical security operations with a unified set of processes and an integrated software solution provides its own set of benefits, namely improving visibility into and situational awareness of security incidents, as well as cutting down on siloing. And when security incidents do occur, SOC teams improve communications between the various relevant factions of the business (Legal, PR, C-suite, etc.).
Finally, in recent times, lawmakers and national regulators in various advanced economies have moved in aggressively to mandate baseline security measures, especially in the critical infrastructure sector. Robust EOCs and related practices go a long way toward ensuring compliance with those physical security mandates, in addition to easing reputational damage to organizations when security incidents do occur.
Renaud Bidou: Security Operation Center Concepts & Implementation
Pierluigi Paganini, Security Affairs: What is a SOC (Security Operations Center)?
Ponemon Institute and IBM Security: 2018 Cost of a Data Breach Study: Global Overview