Interview between Mark W. Gabel, Co-founder and Managing Partner, Salus Secure Environments, and Kris Coleman, Founder, President, and CEO, Red Five.
Mr. Gabel: When you guys are implementing one of your security programs what are some of the elements that you are looking to implement.
Mr. Coleman: It’s really a robust process and what we try to think about are three things to start. One, is people. Are the people trained, do they have awareness? Do you need other people? Do you need executive protection? Do you need guards? Do you need a cyber person to help you? People is an important piece.
The next piece is procedures. With corporations, it’s also called policy, governance. But if we just talk about procedures, how do you deal with security around your house? Do you pay attention to locking the doors at night? Do you pay attention to your surroundings walking from the office to the parking garage? The procedures around how you do things. Do you use good strong passwords? The procedures around how you travel. Do you share your schedule with everyone? How do you get a taxi when you land at the airport in a foreign country? The procedures are important.
And then lastly technology, it’s extremely pervasive throughout all of our lives. We all have a bunch of devices. How are we securing our technology? Where are we putting cameras? Where might we put a special door? What kinds of things might we put a censor on, on a perimeter? It’s always people, it’s always going to be procedures and it’s always going to be technology.
Now, on top of that we always want those three things to do, to apply the right kinds of principles to a program. We love deterrents, we like to have strong deterrent so people will not take advantage of us. But deterrence is hard to measure. You’ll never know how many bad guys were turned away because you had a strong door, a strong lock or a strong alarm system. Dogs are great deterrents, but you’re not going to really know how effective it was. Then you have a level of detection. So, on the furthest point away from your home for instance, is the asset you want to protect, you want to detect bad guys as far away as possible. Gives you lots of time to react, so, detection is important. That could be an alarm sensor, that might be the dog, that might be that we’re doing something on the cyber front where we’re actually detecting malware coming onto your system. Detect at the furthest point out. But it’s got to be detection, not just watching.
Which takes us to the next level, which is really talking about assessment. We can detect it, but if we’re not actually assessing it, did you really see it? A lot of people put up a bunch of cameras, but no one’s looking at the cameras. And then if you’re looking at the cameras and trying to assess the concern, can you tell if it’s a deer or if it was a person crossing the fence line? Can you tell if they have a gun or not? Can you tell which direction they’re moving on your property? The assessment piece is very important, if you’re not doing assessment then detection becomes really difficult. You have detection then you have assessment and when you move from assessment you really want an element of delay. Delay can actually help you, give you more time to assess. What I like about security doors, whether they’re on the exterior of the property or on the interior of the property is the element of delay. It’s going to slow the bad guy down whether they’re trying to get into the property. Same thing for corporate environments, you want to have strong doors at the perimeter, strong doors at the office level for the execs or whoever may be under threat, so delay is an important piece. We go from delay and we’re talking about response. What is the response? In a private home it may be, you as the owner, you might be responding to the issue.
Ideally, it’s 911 and someone’s coming, but we don’t know how long that’s going to take. At a corporate environment it may be a guard force that’s responding. Response is an important piece and then what do you do when you get there? Maybe the response for the guard force is: observe and report. “We see something going on, I’m calling the police.” But that doesn’t neutralize the threat. Is it the responsibility of the guard force or the police department to arrest and detain? Or stop the threat, whatever it may be. So, it’s the key elements of people, it’s procedures, it’s technology, but then you got to build them into that methodology correctly. Of deterrence, detection, assessment, delay, response and then neutralization.
Mr. Gabel: So, it’s not really just one thing that you can do that gives you true security. You’ve got to really look at it from every different aspect and really again, take a holistic approach, because everything is as strong as its weakest link.
Mr. Coleman: That’s exactly right. And it sounds complicated, but when you bring in an advisor, this is what we do. So, we can make it really a simple process for all the people that need this kind of thing.