The importance of the consultant in the integration of electronic security projects.
by Gigi Agassini, CPP*
The operation of every organization is becoming more challenging due to several factors:
- Risks change
- Staff competencies are transformed
- The areas of "expertise" increase
And we can go on with an endless list of what's making the day-to-day the most challenging. The point is that you get so involved in your operation that you can very easily get lost in it and we know that every story has at least two sides, but ... what is the other side of the story?
In the security industry "in general" the experience of the Consultant is not so used as a neutral point of view and improvements that we can make in our environment, because there are several prejudices such as "I know or I should know everything, that's why they hired me", "if I bring someone outside, I show weakness in my knowledge and experience", "I have no budget for something I can do", "security is not the main business", and surely I am omitting hundreds of more thoughts that cross or have crossed your mind every time you think of a Consultant.
The security professional is still very tactical and should be in the process to become strategic, which will have a positive effect on the internal positioning of the security area in the organization and is that, although "security is not the main business, but without security there is NO business".
Because budgets are getting smaller and the challenges are bigger and much more dynamic, having in the team all the areas of "expertise" that are required and the personnel that this entails is a nice thought that we would like to make a reality, but that for the aforementioned will be difficult to materialize ... So how can I elevate that clinical eye I need? Well, through consulting is that we can have "the other side of the story." A person who supports us with their experience and helps us observe the other side of the story that we do not see because we are so immersed in the operation.
It is of great value to have an external figure, who asks, who interviews, analyzes and questions how and why certain processes are done, identifying areas for improvement, new regulations and standards that we should comply with as a business for that "continuous improvement" that will lead us to operational efficiency, which will undoubtedly have significant savings to the organization.
But how is it that even knowing all the benefits that a consultant gives us or could provide, we continue in the same position? Because without a doubt it is better and more comfortable to stay in denial, that is, trapped in thoughts such as "it will not happen to me", "if it happens to me, it will be little", "it has never happened to me, so I have nothing to worry about", and we could continue with the list of hundreds of "why" I prefer to continue in denial.
Adding all the above and more, this makes the path of the Consultant one full of many obstacles, and it is true that for many reasons why you prefer not to see or know the other side of the story, the Consultant has to be ready to have a 360 ° vision, with a constant preparation in different subjects, Have an analyst side on the political-economic changes of the world, yes, of the world! Demonstrations of what happens in other countries affect the environment where you are; It seems to me that we have had and lived enough repercussions from the lack of electronic microchips, to the rise of fuel due to a war between two countries with which probably several of you have no relationship, but without a doubt we all live the affectation.
And we continue with the magical thinking that because we are the security director, the security specialist, the security officer, (give it the name you like the most) we are a kind of super hero and we must know everything and not only know everything, we must execute everything, and that is to be the singer, the vocalist, pianist, Bassist and the one preparing the set, it's not something that can be sustained in the timeline, since you won't be seeing that other part of the story that you don't have yet.
A step that many do not want to take
Without a doubt there is a cultural issue that continues to stop us and keep us at that point that we have not wanted to pass and is that traditionally in Latin America making the decision to call the Consultant to help us improve and tell us that other part of the story, is almost impossible, because bringing someone we mistakenly think will tell us "how to do our job" is an action that definitely nobody They will want to execute, and the truth is that they will not tell us how to do our job, they will help us to be more efficient and to continue to manage risks by keeping them at the acceptable level for the corporation.
Consulting in countries such as Canada, Spain, the United States, among others, is "elite" mainly because the culture of "compliance" and collaboration with third parties is very common and open, there is no "fear or taboo" that they will be criticized, fired or frowned upon for calling an outsider; On the contrary, they are good practices that are constantly executed to continue maintaining continuous improvement and more efficient risk management.
Let's talk about examples, a constant problem is the continuous growth of operations which is very good for the business, but it puts challenges in other areas, one of them is the need to install more and more technology. In a greater percentage, corporations only add technology that does not talk to each other, which solves the "problem" at that moment without thinking if that cost will help them in the future at least in the medium term, since normally the thinking is short-term, so the resolution of problems is the same.
There will come a time when it will be unsustainable to continue with separate systems, of all colors and flavors, without standardization and beware! Standardization does not mean the same brand, because that continues to limit us and it is technology that must adapt and solve our problems, not the need to adapt to technology.
Continuing with the previous point, and after I already have a monster of a thousand heads, how do I do it as efficiently as possible without having to turn to the business and tell them that I have to change everything I have?, or worse, increasing risks to the business unnecessarily because I insist on continuing with technology that can half help, but that it is not really efficient for the operation and it is a greater risk to continue maintaining it. Ah! But it is easier to continue in our magical thinking than to move on to others.
This scenario is very common, much more common than you could imagine and you probably feel identified with all or part of the above. But we get caught in the day to day and in "solving" because we believe that we are a "solver" of problems, and the truth is that no, the security professional is a key element that will help the business to give continuity to it, and will support the owners of the assets to manage security risks. Difficult task to execute if we are miswatering and circumventing the different systems and the diversity of technologies that we have and that by definition unnecessarily increases other risks to the business.
The crucial point here is that this scenario is a great opportunity where a consultant is very helpful, since through his knowledge and experience it will allow us to identify what and how we could deal with what exists, refuse several of the technologies without unnecessarily increasing risks to the business and above all to achieve efficiency in our operation and due compliance with processes.
So if you want to know "the other side of the story", dare and add an external consultant to help you look from another angle at your operation, processes, standards, technology, policies, etc. with all the best intention of having a continuous improvement and maintain the risks at the level of acceptance for the business, which will automatically be generating savings to it.
I invite you to change that thinking about the consultant, who without a doubt, like you, faces daily risks and must be prepared for his dynamism. The consultant is and will always be your best ally!
* Gigi Agassini, CPP
International Security Consultant