Why buying time is critical to your security strategy
If I were to ask what is the most important element in any security strategy, what would that be?
– Physical barriers?
– Processes & procedures?
– Security technologies?
In the commercial property world, our security strategies routinely include a combination of each of these four elements.
This is because they are usually the most practical and cost effective way to achieve an acceptable level of security. And while each of these elements play an important role in security, in essence, security can be achieved with or without one or all of them.
Reflecting on our role as security consultants, if we were to ignore all the jargon and hoopla that routinely gets thrown around, our job is essentially to buy time for our clients – at every opportunity we can.
Sure, we are about achieving a healthy state of security for them, but without the influence of time, a good state of security cannot be achieved.
What do we mean?
“Buy time” is an idiom or colloquialism that refers to the stalling or delaying of something in order to gain more time. Most commonly, we use it when we have managed to extend a deadline at work. We all want to buy time because it usually means less pressure on us. A three-week deadline is very different to a three-day deadline.
In the physical security world, every element of security relies on time in order for security to be effective.
> If a duress activation goes unanswered; or
> If someone doesn’t see something on their CCTV that they should have; or
> A gate is left open when it should have been closed.
These are the moments when time gets away from us and things that need to happen, don’t.
Crime Prevention Through Environmental Design (CPTED) at its core is about positively influencing sightlines and spatial awareness. CPTED, be it internal or external (yes, CPTED works internally too) is about giving people enough time to make decisions around whether the current environment is safe to be in or not. And if it isn’t safe, providing enough time for them to recognise that, and to take action.
The five “D’s of security – Deter, Detect, Delay, Deny and Defend are all reliant on time to be in any way effective:
- Deter – while deterrence is highly subjective and difficult to qualify, time is a key component in any effective deterrent.
- Detect – the sooner that a breach can be identified, the faster that a response can be coordinated and loss minimised.
- Delay – the longer that an intruder can be contained to a defined area, the greater the chance of a meaningful opportunity to defend or contain the attack.
- Deny – the longer that intruders are denied access to a property or area, the greater the opportunity to detect an intrusion, which improves the chance of an effective response.
- Defend (respond) – the faster the response time to an incident, the greater the chances of minimising loss and catching the intruders.
Time is everything and if it cannot be managed properly, security fails.
To further highlight the importance of time, let’s look at the Bourke Street Melbourne incident of November 9 2018. The timeline for this incident is as follows:
4:19:47pm: Car is set alight and explodes
4:20:13pm: Car rolls to the north side of Bourke Street
4:20:23pm: First police car arrives
4:22:03pm: Second car explodes
4:22:15pm*: Aggressor is disabled by Police
4:22:27pm: Second police car arrives on the scene
4:22:45pm: Additional police arrive on the scene
This entire incident unfolded and concluded inside three minutes, which underlines how little time we actually have to deal with critical incidents.
We are currently undertaking a security review of a Melbourne CBD property. This property could have been impacted by this incident had the incident played out differently to what it did.
The building in question managed to go into lockdown very quickly, however in hindsight the lock-down process was not as fast as it could or should have been.
As security consultants, our job in part is to audit and make suggestions on how to improve the lockdown process for this particular property. Effectively, we need to buy them more time so if this sort of incident happens again, the lockdown process will be faster than it was in November.
The really interesting aspect of the Bourke Street incident is that the public warning system sounded about 75 minutes after the incident had concluded. This is too late to provide any value to the property managers that we support in the Melbourne CBD. And for those who were inside the buildings when the alarms finally sounded, they were barely audible.
75 minutes sounds like an extraordinarily long time and in almost all circumstances it will be too long to be of value.
This lapse in time does highlight for us that the need to manage critical security incidents falls in the hands of the property manager, security staff, employees and members of the public to deal with in the first instance. They are and will always be the first responders, at least for the first few minutes.
On November 9, the Police arrived incredibly quickly which we have to be very thankful for.
Everything we do in security should be about buying time. So before you sign the next contract with your service provider or make that next big capital purchase, think about what else you are getting aside from the product or service you are buying.
Does what you are doing improve your time position in some meaningful way?
If not, then perhaps some element of your security strategy needs a re-think.