This page contains a Flash digital edition of a book.
bundle Security?


and the security provider could not resolve the situation. Many security companies offer an integrated capability directly or through partnerships, and it is a model seen widely in Europe, so why is it not more prevalent? It is driven by customers, as I have never seen an attempt to procure solutions with this approach. Customers may not see one provider as competent in all elements – although they believe this for services. Possibly the procurement becomes too complex and the provider base limited. I have seen it be successful, where, over time, customers come to trust their provider and accept integrated proposals as cost reduction. It is certainly a more sustainable route to cost reduction which assesses the impact on security effectiveness, unlike Service Bundling.


So which, if any, is the best approach for any given customer; and how are these choices made?


Despite the discussion of bundling, the vast majority of security contracts are still let as single service. This is probably because of the second point in the SRI study, based on surveys and interviews from 83 providers and 62 customers, which concluded that there was no evidence base for bundling decisions. This reflects my own experience, where customers in the same sector, with similar risks, often have very different approaches. What defines the approach is usually the relative authority of the customer’s Security


© CI TY S ECURI TY MAGAZ INE – WINT ER 2014


Management to Facilities or local operational management and procurement; the clarity and importance of security policy at Board level; and the scope of the service.


In a challenging economic environment, the variance in authority of internal experts in the final decision obviously makes a difference. At present, whether single service or bundled, price focus has led to contracts let at a level that many believe are independently unsustainable. This may be because customers do not understand the necessary infrastructure; but the effects, although not visible quickly, will compromise the “response reserves” (which include officer morale) necessary to maintain service. If this is the case, then it is a failure on the part of all parties. However, it is clear that many believe Service Bundling is a good route to cost reduction.


Policy and scope are more interesting drivers. If I was to say “Cyber Security” in any boardroom today, everyone would engage, as it represents a “known unknown” threat. Yet, whilst technical defences are certainly critical, the main risks come from supply chain and staff behaviours. These require a security policy that is not two lever arch files of protocols, but one which is clear, accessible and enforced to manage the behaviour of all the organisation’s stakeholders.


This is no different from the challenges of managing all security risk; and I see customers with a strong policy and wide scope focus


tend to engage expert security providers and their partners more effectively, and more often use specialist or security bundling.


So should you bundle security?


The BSIA represents over 500 members from all parts of the security provider community and believes in the benefits of Single Provider or Security Bundled contracts, where customers implement clear, Board-led policy through a team of BSIA members and reduce cost with assessed risk impact, over Facilities led Service Bundling. Developing members’ broader security capability was behind the acquisition of Skills for Security earlier this year; a current focus on partnerships between members; and current plans to engage more with customer practitioners.


However, the BSIA realises that service bundling will suit some customers and has many members only happy to assist! Returning to the SRI study, I hope that by next year the SRI can develop the evidence base to ensure that all customers can make better decisions either way. If you have any such evidence, I hope you might share it with them!


For more information about the BSIA and the services offered by its members, visit www.bsia.co.uk


> 19


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36