The Secursat Technology Hub: from security to risk management
How did this project come about?
In the light of evolving international scenarios and the dynamics affecting risk management, which have made speed of action and adaptability indispensable for responding to new threats, those involved in security can deploy emergency and crisis management skills. But traditional security expertise is no longer enough, the increasingly blurred physical and virtual boundaries and the interconnection between economic and technological dynamics have made it necessary to develop new skills, new approaches and new models. This is why we at Secursat have invested in our technology hub, built in the heart of Milan, to create a security technology management hub capable of being the tool for risk prevention and management, and to transform ourselves from experts to professionals.
What is the Secursat Technology Hub?
The Secursat Technology Hub is first and foremost a MARC, as the 50518:2020 standard defines it, but not only. It was, in fact, designed and structured to meet all the requirements of the certification necessary to carry out our activities, but we, with the idea that remote management can extend the concept of traditional security to a complete technological governance and therefore also to an operational risk management, have tried to do much more. We have created a technology supervision and management centre, where the alarm, for us, is 'just' an extraordinary event, of a much broader set of processes that together can guarantee the management of risks in the complete sense, and not just physical ones. We do not like to talk about 'security' because we feel more akin to a concept of 'risk management'. Security, all too often, refers to a traditional concept, enclosed in the physical sphere or rather in the digital sphere, whereas we feel that we are a complete partner for our customers who can accompany them in the management of a series of processes that may sometimes seem marginal compared to traditional models and which, instead, today in our opinion become priorities. The ability to reduce repeated activities, the ability to reduce unnecessary on-site activities with measurable impacts on the reduction of kilometres not travelled and CO2 not emitted or, again, the monitoring of energy consumption combined with that of security technologies. There is talk of a 'liquid society', and for us today even security has become liquid, with physical and virtual perimeters that are increasingly blurred and where, if managed and integrated into a broader model, maintenance and facility management activities become strategic as necessary integral parts of a single model. For us, however, the Hub is also a sort of security showroom, a place where one can see, do, experiment, test, design, think, analyse. Not a hidden place, but a reference point where we can also rethink overall management models, carry out operational tests. Because if products are now commodities very often technologically similar for various price ranges, it is the management capacity that makes the difference. And we have created the Hub to say not only that we have succeeded in realising this model, but that we also show it, test it.
What were the main elements behind this project?
First of all, clearly the technical ones related to the structure and especially the network infrastructure. On this point, in addition to the Hub in Milan, we have a second MARC also certified no. 02/2023 50518:2020 to guarantee disaster recovery and business continuity. Secondly, we focused on technologies and especially on integration technologies. To date, we have not yet been able to find a single platform on the market capable of meeting our customers' needs, so we put together a range of skills and technologies to be flexible and multifaceted. The core of the model was a capacity analysis, i.e. an analysis of the mix of skills, technologies and number of resources needed to manage a certain number of sites, facilities and activities. A path that we tested on ourselves and which then became a product for other customers who, like us, have SOC/NOC management centres, certified or not, and who ask themselves: but how many people are needed to manage the perimeter of the sites? Today, thanks to a structured model and a team with multifunctional skills, we are able to answer this question, starting from data. Another aspect, which was no less important, was design. We also chose important partners, especially in the international sphere from Spain to Germany, to have a set of tools that could, on the one hand, convey the idea of a cutting-edge technological centre and, on the other, make the work of the operators, who are invaluable technical figures for us, comfortable. From dimmable lights, to make the environment from a windowless 'bunker' to a cosy area, and facilitate shift work, to custom-designed desks which, in addition to being highly aesthetic, allow for optimal cable/technology management, to the most advanced video matrix technology to manage videos with a multiplicity of very complex scenarios.
What skills were needed?
The skills needed were many, starting with 'traditional' security skills because, in order to remotely manage the systems, we needed people who had worked in the field technically, for years, and who knew the dynamics of managing even outdated products, up to IT skills. We also added some network monitoring platforms to sanction our transition from 'SOC' to 'NOC' and designed the structure to ensure the protection of data and information. In addition to the technical skills, whether traditional or IT, it was also necessary to bring in our certified security managers who, as part of the Secursat team, helped to create a suitable place for risk management by going beyond traditional concepts, working on procedures and rules of behaviour, beyond those clearly laid down in the regulations.
How much does data matter?
Data count a lot, but what we have learnt is that what counts most is the ability to understand, in the now infinite multitude of data available, which ones are useful for directing behaviour and making decisions. From this point of view, we take our inspiration from sectors even apparently very far from security, where automation and prevention are now widespread and transversal concepts that are fully integrated within the decision-making processes, and we have focused on the use of summary dashboards because for us they represent one of the best added values of our service.
For the future, what is the biggest challenge?
Certainly a reflection is towards the market and the general approach to security. Security, unfortunately, in general, is often poorly communicated or communicated in a traditional way both outside and inside organisations and therefore perceived as a cost. The added value we are trying to give is to reinterpret this traditional scenario and think of a set of processes that, if structured, can give great added value within organisations in terms of control (not of people but of technologies), in terms of optimisation, and in terms of improving levels of effectiveness and efficiency. For us, looking to the future, the greatest challenge is to find or develop true integration and automated management platforms on the market, capable of not only looking at the small technological universe of security, and to find 'enlightened' interlocutors among customers capable of grasping the innovative value of this project.
Interview with Maura Mormile, Business Development Manager at Secursat by Securindex
