Roadmap to a Security Operations Center
It starts with the people
Seattle Pacific University (SPU) in
Seattle, Wash. Is relatively small,
with only 3,688 students
enrolled, and yet security officials
on campus organized their
people within core processes and armed
them with a Security Operations Center
(SOC) that integrated access, video, and
intelligent, multi-modal communications.
For those of you who follow this industry,
you know this is a remarkable feat. I sat
down with Mark Reid, Director of Safety and
Security and Cheryl Michaels, Associate
Director, at SPU who also founded Educational
Safety LLC, a security consulting firm.
Worman: What is the vision and mission
of the security role within SPU?
Reid: Our primary mission
is to provide a safe working,
learning, and living environment
for the SPU community
through the administration of
programs, activities, and systems
that enhance safety.
Worman: What was the program like
when you first started?
Reid: I started in 1986 when the major
concerns were crimes against property, student
safety and health, and fire safety. We
began programs to address these concerns
with CCTV, better fire protection systems,
increased campus lighting, and enhanced
security responsiveness. We developed a
security program that maximized the benefits
available from current technology. We
were early adopters of AED technology. We
have always prioritized life safety concerns.
Michaels: I started in 2001,
shortly after the Nisqually
Earthquake. The technology
in place at SPU far surpassed
anything my previous
employer had been using. The
security program was firmly grounded in
protection of lives and property from accidents
and injuries. However, the Nisqually
Earthquake experience energized SPU
around emergency planning and Security,
under Risk Management, had begun redefining
the scope and vision of the University’s
crisis response plan.
Worman: How did you proceed?
Reid: We focused on best practices and
best technology. We looked outside of our
industry for tools, techniques, and program
ideas to protect our community. We studied
after-action reports from tragic events to
determine what precautions might produce
the best outcome for safety purposes. We
developed plans that included many stakeholders
around the University. We wanted to
have broad participation in the process.
Michaels: The emergency crisis and management
plan is a living document, and ever
evolving. At the start of the planning, we
knew we needed to create a broader base of
trained responders. We created a building
emergency coordinator program modeled
after the Floor Warden Program many fire
organizations encourage. Since it was established,
SPU has about 90 voluntary participants
that help communicate emergency
messaging and response to evacuations and
acts of violence. We also began holding an
annual campus wide evacuation drill, and
around 2007 added a campus wide lockdown
drill. SPU was unique then and now compared
to other universities in that these drills
required whole community participation
and interrupted business operations and
classes in session.
Worman: How did you identify the need
for a SOC?
Reid: A 24/7 SOC enhances communication
and information. It allows you to organize
and integrate technology in a way that
supports the responders. It provides an
opportunity to quickly develop situational
awareness and it provides the tools to
respond in a way that enhances life safety. It
was clear that without an integrative space
we could not deliver the kind of service and
safety that we wanted to provide. A SOC
allows you to cost effectively build in resilience
and it allows trained individuals to be
more effective in an emergency. It allows us
to view the condition of our campus in any
circumstance and have the information to
make better decisions.
Michaels: The why drives the what that
determines the how. This is our formula. For
example, why do we want to lock down?
Because it saves lives and because it reduces
or eliminates deaths, injuries, direct and
vicarious trauma, and economic loss. What
do we need in order to lockdown? Access
control, video, and rapid communications.
How can we integrate all those components
to provide us with situational awareness? We
asked ourselves, what information do we
need for accurate situational awareness, and
how do we want to consume that information?
Once we knew the goal (the why and
the what), we began to identify those mitigating
elements and response protocols that will
reduce or eliminate deaths, injuries, direct
and vicarious trauma and economic loss.
Worman: What are the key pieces of
a SOC?
Reid: Surveillance video allows you to
quickly understand a condition or a threat, it
allows you to identify key actors, and it can
provide first detection of key events. Access
control systems are an essential component of
any SOC. You need to understand the physical
condition of your facilities. You can make
immediate adjustments to your security condition,
including locking down, through the
automation these systems provide.
Alarm systems, although not usually the
most exotic technology, can provide key
information in life safety situations. Fire
alarms, fire sprinklers and intrusion alarms
can provide rapid critical information for
important life safety threats.
Multimodal communications encompass
the ability to send or receive key information
in any situation. You will need radio, phones,
notification systems and other tools to
receive reports from your community, direct,
and inform your response team.
Lastly, an emergency notification system
should support multimodal communication
of hazards, protective actions, and other precautions
people need to know for their safety.
It is common these days to have mass
notifications to send text messaging, emails
and make phone calls but more is better.
Emergency communications are difficult,
and you need as many tools as possible to get
message diffusion through a community.
Worman: What does the future hold?
Reid: I think that for several years, people
have hoped that targeted violence against
people and organizations was a passing sociological
condition. I think there is evidence
that this concern will be with us and that
there will be codes and standards to address
these issues and require some level of emergency
planning. The down side of that
approach is that codes and standards often
lack flexibility to move with new technology.
Best practices are in a process of continuous
change and new threats are continually
emerging.
This article originally appeared in the March/April 2019 issue of Campus Security Today.