Over the last decade, many organizations adopted a Critical Event Management (“CEM”) platform, sometimes referred to as a visual command center, to support their physical security operations. The rationale for purchasing a CEM was to enhance organizational resilience by helping keep people safe and operations running smoothly. While these legacy CEM solutions were an improvement over manual processes, the industry has evolved and major gaps in these offerings have become apparent. At Topo.ai, we’ve addressed major, unfulfilled requirements and have built a next-generation CEM that is being used by leading-edge organizations to improve their team’s productivity and their organization’s resilience. Below, we look at the major benefits of a CEM and discuss why legacy systems are lacking.
Making better data-driven decisions. Legacy CEM systems typically have a closed architecture, making it impossible for users to add their own data and rapidly connect to external data feed APIs without relying on (and paying) the legacy CEM vendor. This makes it very difficult to adjust to a new crisis such as COVID-19. At the onset of the pandemic, we learned that legacy CEM systems failed to ingest relevant COVID data to understand impacts, such as infection rates and trends by geography, making the legacy CEM solution virtually useless in support of the organizational response to the evolving crisis. In contrast, a next-generation CEM platform such as TopoONE, made it easy for organizations to ingest a myriad of COVID-19 data, analyze it by trend based upon where their assets were, and make strategic recommendations to the operational team. In fact, SecOps teams that used TopoONE during the crisis led the pandemic organizational response. With many unknown crises likely to impact our organizations, it is time to adopt a next-generation CEM platform that will rapidly allow you to ingest and access relevant data needed to make better data-driven decisions to respond to each crisis.
Delivering consistent, compliant, and accelerated performance for team members. Legacy CEM solutions provide excellent visualization of critical events on a map, and certainly these platforms show well to leadership while being displayed on the GSOC wall. But what about the operators? Legacy CEM platforms actually make life harder for the operator, not easier, because they need to provide much more than just “pins on a map”. Next-generation CEM solutions, such as TopoONE, take operators beyond a pretty map picture by making it easier to efficiently do their job of adjudicating risks and escalating critical events using compliant processes that are defined by security leadership within the CEM platform. These efficiency improvements are frequently achieved in multiple ways:
- Next-generation CEM solutions allow disparate pieces of intelligence to be “consolidated” into one critical event. The inability of legacy CEM solutions to associate a variety of sources of intelligence into one critical event requires the operator to create an incident report outside of the legacy CEM platform itself, which actually creates more manual work for the operator rather than less.
- Critical events should be able to be processed by the relevant team based upon their coverage area (such as an EP critical event, or critical events in different geographies such as EMEA versus the Americas). The ability to route workflows and give each operator their relevant view of the platform with only their critical events to manage reduces noise and simplifies duty of care responsibilities for the operators. Legacy CEM solutions lack the ability to configure workflows in ways that make it easy for each operator to focus on their own coverage areas by consolidating all data into one view.
- Each type of critical event should have its own unique workflow such as a high temperature alert at a data center that should be processed and escalated differently than a bomb threat near a company office. Each unique workflow should include specific Standard Operating Procedures (SOPs) and forms to manage the critical event and an automated process to create an incident report for notification and escalation. We’ve learned that legacy CEM solutions lack the ability to configure workflows and automate the creation of reports, thus creating more work for the operators.
With the increasing burdens being placed on operators, it is time to adopt a next-generation CEM platform like TopoONE, and truly enhance operator productivity while ensuring compliant processes.
Communication and Crisis Response. Next-generation CEM platforms enable the rapid dissemination of critical event information. The various concentric circles of communication might include the GSOC team itself, the broader security team as well as security leadership, executive leadership and, finally, all employees that are potentially impacted. The various methods of communication might vary; for example, the GSOC team might use groups on Slack to communicate the critical event within the security team itself, or they might also use email groups to communicate outside of the security group, or they might use text messaging to communicate the critical event in addition to the above methods, and finally they might connect and communicate the critical event to a larger audience using a mass communication system. The ability for the customer to design the communication modalities and create communication groups is critical as it helps to ensure a more rapid, and complete, communication. The CEM platform should also make available SOPs that define the organizational response based upon a certain kind of critical event. The CEM should automatically identify the relevant SOP and display it to the operator so that crisis response tasks can be assigned. The ability for the operator to automatically access the relevant SOP enables a crisis plan to be rapidly executed. A next-generation CEM solution enables any-and-all communication modalities that are configured to notify all necessary audiences. Additionally, a next-generation CEM solution enables the operator to quickly and rapidly access SOPs that ensure a compliant, and timely, organizational response to a crisis.
Analysis of team performance. Legacy CEM platforms were originally built as on-premise solutions and not purpose-built for the cloud. While most have migrated to the cloud, legacy CEM solutions have not leveraged best-in-class cloud software architectures to make team performance data readily available. Next-generation CEM platforms leverage “data lakes” that ingest, store and record all data and actions taken inside the platform. On top of the data lake, next-generation CEM platforms, such as TopoONE, allow security organizations to measure and monitor individual and team performance by shift, by day, by week, by quarter, by year. This enables security leaders to measure performance, make improvements in processes, and communicate KPIs and performance metrics efficiently to senior leadership. Delivering a CEM platform capable of understanding a team’s performance through powerful analytics is increasingly becoming a foundational requirement for global security organizations.
A CEM platform is the technology foundation of any organization dedicated to keeping its employees safe, whether they’re on-site, working remotely, on the road, in the field or in the air. When a critical event or emergency strikes, organizations need to rapidly assess the impact using relevant workflow processes, locate their people, and communicate with them to ensure their safety. Next-generation CEM platforms, like TopoONE, deliver significantly improved outcomes compared to legacy CEM solutions while dramatically improving operator efficiencies. Given the ever-increasing number of threats and unknown crises, now is the time to become better prepared for you and your team to manage those crises as effectively and efficiently as possible.