Skip to content

Image by iStock

Rethinking SOC Functionality and Cost

The security practitioner’s ultimate goal of identifying risk and mitigating it has long been held as the standard. But shifting that thinking in light of current world events is more imperative than ever. Often, the industry forgets that the cost for achieving the goal of safety and security can be prohibitive for organizations that traditionally view security as a cost center rather than a business asset. 

Now is a good time to revisit this mind-set. Considering the global shift toward more service-based providers and platforms for physical security, it can be argued that the overall cost of protection is being reduced. The notion of Security-as-a-Service (SaaS) is quickly gaining popularity among practitioners to get the most out of their investments in security technology. To that end, managed service providers (MSPs) are finding new ways of positioning their offerings as a shift away from project-based security investments towards a more operational expenditure view that benefits both MSPs and end users.

From On-Site to Remote Management 

Security departments today are tasked with far more than asset protection. The shift from facility protection to more health and safety is one we’ve been seeing over time. And this is even more true now during civil unrest and an ongoing pandemic. While the risks of vandalism, theft, or trespassing remain, the risk to on-site employees across a security operations center is another element of safety that must be considered—the risk of catching or spreading COVID-19. There must be a plan in place to address this risk.

For instance, within an on-site security operations center (SOC), operators are often tasked with working long hours and sharing workspaces with multiple coworkers. In the event of a possible exposure to an infected person within the SOC, security leaders must find a way to continue security operations without disrupting the ability to respond to potential threats. In these cases, remote management for a GSOC may become a viable answer as a means to remain redundant and operational. 

But COVID-19 exposure is not the only instance where this kind of ability makes sense. We have seen during the last few months how many facilities remain empty as employers continue allowing work-from-home operations to continue. Buildings that do not have tenants remain empty, yet they still require continuous security protection. Some of these security leaders may identify guarding services as a way to address these challenges; however, remote functionality can be leveraged in these cases to help mitigate threats while reducing the risk to on-site guards and security personnel. 

Tightening budgets in some industries are leading many decision makers to lean into cost-saving measures—but the necessity of security means that cost-cutting must be done by considering the risk and mitigation efforts necessary. Remote SOCs, in many cases, can help bridge the gap between reducing security to meet the budgetary requirements and strengthening protection in light of it. 

From Cost Center to Business Asset

The cost of security equipment failure can be staggering. Take the cannabis market in California, for example. State regulations require all cannabis operations and dispensaries to implement and maintain effective video surveillance systems—and they must be up and running with no interruptions regardless of lighting or conditions. Interruptions or down-time can mean operations are shut down, which can result in a significant loss in revenue for the business. 

The answer to this can be in a remote security operations center that is set up to monitor system health and alert operators to any potential issues, including video equipment failure, ongoing software updates, and more. What this does is shift the SOC from a cost center to a business asset, creating maximum up-time for incoming video data.

Traditionally, in many companies that take time and resources in setting up a comprehensive security system, they are stuck in this break–fix model with their integrator partner or internal security team. A broken camera or system component may not be identified as an issue until an incident occurs and the video is not there to help with an investigation. The money invested into the system is essentially wasted. Extending the role of security operations for system health monitoring—even from an MSP—gives organizations the confidence that they need to operate knowing they will be able to address an outage before it becomes a true problem. 

Alternatively, going back to the COVID-19 response and the security team’s role, there is an added benefit to outsourcing security operations amidst return-to-work initiatives: contact tracing. In the United States, Occupational Safety and Health Administration (OSHA) guidelines are emerging to address how employers are required to handle potential exposures—with the health and safety of their employees top of mind. This can mean closures in the event of an outbreak, which is something that many businesses cannot afford to endure. 

Outsourcing services like contact tracing becomes a crucial part in combatting the effects of exposure by creating an environment that puts the well-being of employees first, while remaining vigilant and operational. The role of the security team in this instance becomes crucial as a business asset. 

What’s Next

As many businesses begin to shift their thinking away from looking at security operations as a cost center or on-site necessity, the industry will adjust to a new way of looking at the SOC as a managed service.

SaaS operational models can help an organization weather an unexpected budget cut due to the effects of a recession or provide redundancy in the event of an emergency shut-down as a result of potential COVID-19 exposure. The selection of the right software, in addition to the engagement of an MSP as a way to reduce operational expenditures, can increase your security program effectiveness. Either way, it’s essential to think about the organization’s SOC as a critical part of the overall business—no matter the industry.

Ryan Schonfeld is the founder and CEO of RAS Watch and RAS Consulting Group, with extensive expertise in workplace security, private investigation, police service, teaching and instruction, as well as with the U.S. State Department and leadership in corporate America. Early in his career, Schonfeld witnessed the increasing relevance of technology as it relates to crime, and simultaneously earned his master's degree in Information Systems and Technology from George Washington University.