When a customer makes the decision to implement a security operations center (SOC) or control room into their overall security plan, there are a number of ways the project can begin. Some know exactly what they want and the functionality they require, working directly with an integrator to accomplish their goals. Others, however, may need additional support in developing a true vision for the safety of their facility. That’s where consultants come in.
For some, like Thiel Strategic, there are a number of ways a consultant can get involved in the SOC development process. Many times, the relationship begins with a comprehensive threat assessment of a facility, where an organization can identify where gaps in security may be. The next step in the process is evaluating the technology piece, which is where an integrator like Vistacom comes in to work side-by-side a consulting firm to determine what’s already in place, what’s missing and what’s needed.
“When we take on a project, we create a holistic approach for a security program that eliminates siloed systems and operations,” said Charlie Thiel, from Thiel Strategic Communications, a consulting firm in Allentown, Penn. “Many of the organizations we encounter are siloed – from IT to security to facility management – and those silos must be broken down to create the kind of integrated environment that an effective security program requires.”
To do this, Thiel said there are three elements to address to fill in the gaps within an organization:
Policies and Regulations
It’s critical to develop policies and regulations that dictate the direction of the security program that can be mandated across the organization. This needs to be well structured, well written and clear to those it affects.
People and Procedures
Another important element in place is the people involved in the decision-making process. Answering questions about the various roles of human resources, IT, security and management play in the process is
Technology
One of the most complicated elements has a lot of moving parts. Typically, today’s enterprise security systems are built on the foundation of IP networks, requiring software that interfaces with the operations piece of the puzzle. Working with an integrator like Vistacom is important in this step because of the company’s extensive knowledge of the various pieces of technology that needs to be in place to formulate a common operational picture.
Taking each of these elements as it relates to a company’s organizational culture is critical to building a successful approach to security. “Security can have a huge effect on an organization – both in a positive way AND a negative one, especially if procedures are implemented in a haphazard manner with no means of communicating change to team members. That’s where a consultant can come in and streamline the process.”
Combining the procedures and communications, along with the technology piece that Vistacom delivers to customers, creates a culture that helps make team members feel safe and secure in the environment. It also communicates to employees that they matter and are important to the company’s overall goals in building an environment that is positive, forward-thinking and places people at the heart of its business.
“At the end of the day, it comes back to the end user and creating an effective security program that reduces risk, encourages compliance and streamlines operational effectiveness,” Thiel said. “Culture often gets overlooked, but people should also be a big part of the process.”
