The main hurdle for professionalization is one mainly hampered by established notions about what background a security manager should have
Law enforcement and pure problem-solving
skills will play less of a role for the future
security director

Much effort has been put down in the professionalisation of security work. Not only is it a recurring topic of conversation at events for security professionals, but also a formal topic of concern for ASIS – having active task forces devoted to the promotion of professionalisation and academisation of security practice as well as a recently updated standard (ANSI/ASIS CSO.1-2013) describing the competence profile of a Chief Security Officer (CSO).

The outer driving forces for this effort are well-known; for example the increase of uncertainties relating to cyber-security threats, industrial espionage, activism and business-related risks when operating in hostile environments. In parallel with this trend, the demands for a formal, ongoing and cost-effective coordination of security work has further increased. Also on the list of organisational demands are clearer and improved business processes that cut across functional and operational value-creating activities, and increased use and sharing of security-supporting technologies. Furthermore, our research shows that physical security since long is a well-established business process within larger firms and a further development of security management would seem a natural development.

Distinctive for well-established professions are commonly agreed methodologies, techniques and terminology among professionals. Furthermore, a uniform and considerable quality assurance process is often in place in the form of higher education and/or formal licencing. Prime examples of professions often referred to are medical doctors and lawyers. In short, a professional from one country should more or less be able to communicate with colleague in another part of the world.

Establishing a higher education in security management is tightly coupled with the question on what would be general research direction for security management
There is an uncertainty regarding the academic orientation that security management should have

For security management there exists no such well-established equivalent. Institutions of higher education that offer security management are Edith Cowan University in Australia and the specialisation in Security Management that is offered at Wharton at University of Pennsylvania with ASIS as supporting body.

Engineering, criminology or business/management?

For any higher education with a clear identity and recognition the fundamental (research) question of whom or what we are is agreed upon. In effect, establishing a higher education in security management is tightly coupled with the question on what would be general research direction for security management. This is an important question – both short-term and long-term. In the short-term it is important to know what universities and schools to target, and long-term to guarantee the profession a development in the right direction and with the intended legitimacy.

A crude division can be made by dividing research and higher education into three general orientations; the first (1) being an orientation towards engineering and problem-solving; the second (2) being social scientific and criminology orientation that concerns itself with addressing overarching crime development and underlying structure and motives for criminal behaviour; and third (3), a business/management orientation that is concerned with balancing and setting business priorities in a corporate landscape of limited resources. None of these orientations are mutually excluding of one another – all higher education is a mix of a major subject and support subjects. However, some form of declaration of will and consensus about the general orientation is necessary. Worst-case effect might be that security management ends up being academically and institutionally weak as is sometimes the case with over-specialized degrees. When educating security managers, should the general orientation be on of engineering/problem-solving, criminology or business and management? In Sweden, the Higher Education Authority have for example assessed the Security Management degree in Australia as being one in engineering (assessment made 08/05/2008).

More business, management and new technology

From the research conducted within the LUSAX research program at the Institute of Economic Research at Lund University a clear majority of survey respondents working corporate security management expresses a need for increased skills of business and management, but also a need to understand novel technology to some extent. Law enforcement and pure problem-solving skills will play less of a role for the future security director. If asking security directors, the answer would be to follow the business/management orientation.

Some form of declaration of will and consensus about the general orientation is necessary. Worst-case effect might be that security management ends up being academically and institutionally weak as is sometimes the case with
over-specialised degrees

A third possibility is to position security management as focusing mainly on criminology and behavioural sciences. No explicit and direct demand from security directors was made regarding the need for criminology. However, we believe criminology and behavioural science is an important support subject to security management. A final alternative would be to position security management as a corporate legal activity, but we argue that the legal alternative is one that can be considered of being constraint or factor within the business and management orientation. Also, some security directors have expressed concerns in sorting security management under the legal corporate branch due possible risks of conflicts of interests.

Our research further suggests that the security manager needs further resource enforcement for areas like budgeting, procurement, cost-benefit analysis, new technology and business to mention a few examples. From that point of view, the choice of orientation clearly points to a direction of hosting security management within a business and management orientation. All in all, this could be described as the will for professionalisation from the ones within the profession.

Security Management and its corporate environment

For a more complete analysis it is not sufficient to include only the within-professional will for professionalisation. External forces outside the control of security professionals also govern the answer for the development of the profession. Since the start of LUSAX in 2006 we have repeatedly experienced corporate recruitment of security managers being mainly driven by a corporate interest searching for senior security candidate with a clear and solid law-enforcement background. This is more noticeable in North America and in the United Kingdom where Executive Protection often lies within the scope of security management. This is evident also in industry sectors where physical security is not typically part of the core business – like media, banking and consultancies.

In summary, in this article we have pointed out that there is an uncertainty regarding the academic orientation that security management should have. We are saying that it is necessary to choose a purposeful academic platform that over times generates the positive effects of professionalisation, for example wide corporate influence, clearer career paths and increased rewards in term of salary and perks. Our answer is to aim for security management to be positioned within a business and management orientation.

Finally, we have also pointed out the importance of changing the environmental attitudes concerning security management. We believe the main hurdle for professionalisation is one mainly hampered by established notions about what background a security manager should have. These notions lies outside the control span of the typical security manager, but are pivotal for the professionalisation of the profession.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

Author profile

Markus Lahtinen Researcher and Lecturer at Lund University, LUSAX Security Informatics

Markus Lahtinen holds a Master’s degree in Informatics (2001) and a Bachelor's degree in Business Administration and Economics (2006). The past ten years he has been active as lecturer at the Department of Informatics at the School of Economics and Management, teaching mainly Interaction Design but also given classes on Decision Support Systems, UML, IT and organisation, and supervising theses work for students at Bachelor and Master level.

In case you missed it

How has Brexit affected the security industry?
How has Brexit affected the security industry?

When the United Kingdom voted to leave the European Union, a world of uncertainty unfolded for those doing business in the UK and the EU. The referendum was passed in July 2016. Including subsequent delays, the separation was completed after four years in January 2020, with a transition period ending December 2020. Even with the deadlines past, there are still pockets of uncertainty stemming from the separation. We asked this week’s Expert Panel Roundtable: How has Brexit affected the security industry?

Hybrid working and the threat of desk data
Hybrid working and the threat of desk data

The transition to remote working has been a revelation for many traditional office staff, yet concerns over data security risks are rising. Mark Harper of HSM explains why businesses and their remote workers must remain vigilant when it comes to physical document security in homes. Pre-pandemic, home offices were often that neglected room in people’s homes. But now things are different. After the initial lockdown in 2020, 46.6% of UK workers did some work at home with 86% of those doing so because of the pandemic. Semi-permanent workspaces Since then, many have found that over time, those semi-permanent workspaces have become slightly more permanent – with official hybrid working coming into effect for an assortment of businesses and their teams. The adoption of hybrid working can in fact be seen as one of the few positives to come from the pandemic, with less travel, more freedom and higher productivity top of the benefits list for businesses and their employees. The handling of sensitive documents, is a growing concern for office managers But those welcomed benefits don’t tell the whole story. The transition to remote working has undoubtedly impacted workplace security, with various touch points at risk. The handling of sensitive documents for example, is a growing concern for office managers. In simpler times, sensitive data was more or less contained in an office space, but with millions of home setups to now think about, how can businesses and their office managers control the issue of desk data? Physical document security As of January 2021, it’s said that one in three UK workers are based exclusively at home. That’s millions of individuals from a variety of sectors, all of which must continue in their efforts to remain data secure. With that, reports of cyber security fears are consistently making the news but that shouldn’t be the sole focus. There is also the underlying, but growing, issue of physical document security. The move to remote working hasn’t removed these physical forms of data – think hard drives, USBs and paper based documentation. A recent surge in demand for home printers for example, only exemplifies the use of physical documents and the potential security issues home offices are facing. Adding to that, research conducted in 2020 found that two out of three employees who printed documents at home admitted to binning those documents both in and outside of their house without shredding them. Data security concern Without the right equipment, policies and guidance, businesses are sure to be at risk Those findings present a huge data security concern, one that must be fixed immediately. The Information Commissioner’s Office (ICO) has since released guidance for those working from their bedrooms and dining tables. Designed to help overcome these challenges, the ‘security checklists’ and ‘top tips’ should be the first port of call for many. Yet throughout, the ICO make reference to ‘following your organisation’s policies and guidance’ – highlighting that the onus isn’t solely on the individuals working from their makeshift offices. Office managers have a monumental task on their hands to ensure teams are well equipped within their home setups. Without the right equipment, policies and guidance, businesses are sure to be at risk. But it would be wrong to insinuate that unsecure desk data has only now become an issue for organisations. Modern office spaces Keeping clear desks has long been a battle for many office managers. In fact, clear desk policies are practised in most modern office spaces, with it recognised as a key preventative to personal information being wrongly accessed and so falling foul of GDPR legislation. Throwing sensitive documents in the bin was never an option pre-pandemic However, the unsupervised aspect of home working has led to a potentially more lax approach to these policies, or in some cases, they can’t be followed at all. For those taking a more laid back approach, organisation leaders must remind staff of their data security responsibilities and why clear desk policies have previously proven effective. Ultimately, throwing sensitive documents in the bin was never an option pre-pandemic and this must be carried through to home workspaces now. Securely destroy documents There are also concerns over the equipment people have access to at home. For example, without a reliable home shredding solution, data security suddenly becomes a tougher task. To add to that, several recommendations state that employees working from home should avoid throwing documents away by instead transporting them to the office for shredding once lockdown rules ease. While this is an option, it does pose further issues, with document security at risk of accidental loss or even theft throughout the transportation period, not to mention the time spent in storage. The best and most effective way to securely destroy documents is at the source, especially in environments where higher levels of personal data is regularly handled. Correct shredding equipment The recent findings on home office behaviour represent a true security risk Only when home workers implement their own clear desk policies alongside the correct shredding equipment (at the correct security level), can both home office spaces and regular offices become data secure. Realistically, these solutions should, like the common home printer, become a staple in home office spaces moving forward. The likelihood is that many UK workers will remain in their home offices for the foreseeable future, only to emerge as hybrid workers post-pandemic. And while the current working environment is more ideal for some than others, the recent findings on home office behaviour represent a true security risk to organisations. With this in mind, it’s now more key than ever for business leaders, their office managers and homeworkers to all step up and get a handle on home data security policies (as well as maintaining their standards back at the office) – starting with the implementation of clear desk policies. After all, a clear desk equals a clear mind.

Video intercoms for a smarter, safer workspace
Video intercoms for a smarter, safer workspace

Though many office workers across the globe have found themselves working remotely for the past year, we are seeing a bit of a silver lining, as vaccine rollouts hint at a return to some pre-pandemic sense of normalcy. However, while some of us might opt for a fully-remote work life, others are anticipating a hybrid solution. Even before the pandemic, offices were taking a new, more open layout approach—moving past the days of cubicles and small office configurations. Going forward, offices and other workspaces will be tasked with supporting a hybrid work solution, as well as increasing hygiene measures. Video intercom solution This is where an IP video intercom solution can assist. Below are four ways they can help usher in a smarter, safer work environment: Video intercoms assist in creating a more hygienic work environment - The outbreak of COVID-19 has raised awareness of germs and just how easily a virus can be transmitted by face-to-face contact. Germ barriers are popping up in many aspects of our daily lives, where we were not likely to see them before Unfortunately, the door is also the easiest of these germ barriers to breach As such, we’re becoming accustomed to seeing plexiglass barriers at restaurants, grocery stores, and even coffee shops. However, many don’t realise that one of the best germ barriers is a simple door. Unfortunately, the door is also the easiest of these germ barriers to breach. All it takes is a knock or a doorbell ring to make us open our germ barrier and be face-to-face with whomever is on the other side. Increasing hygiene safety A simple step to increase hygiene safety and visitor security in commercial buildings and workspaces is an IP video intercom. Installing a video intercom will allow staff to see and speak with visitors without breaching that all-important germ barrier. A video intercom system provides a first line of defence, enabling the user to visually confirm the identity of the person on the other side of the door first before granting access. It can also be used to make sure proper procedures are being followed before a person is allowed to enter, such as using hand sanitiser, wearing a mask, and following social distancing guidelines. Basic security needs A major topic of conversation the past year has been how to manage occupancy in all facilities Video intercoms for occupancy management and basic security - A major topic of conversation the past year has been how to manage occupancy in all facilities—ranging from grocery stores and retail shops to restaurants and commercial buildings. Workspaces and offices are no exception. A video intercom provides a quick and convenient method of seeing who, or what, is on the unsecure side of the door before opening. For basic security needs, if a business has a door opening into an alley, a video intercom would be used to ensure no one is waiting outside to force their way in when the door is opened. Personal protection equipment Such solutions can also be used to ensure a person is carrying proper credentials, or wearing proper personal protection equipment (PPE), before entering a sensitive area. For example, if a lab has a room which can only be accessed by two persons at a time wearing specific protective gear, a video intercom could ensure each person is properly equipped, before allowing access that particular room. Additionally, for office or workspaces that have shared common areas, such as a cafeteria, gym or even conference rooms, managing access to these spaces will remain a priority, especially with post-pandemic restrictions in place. Video intercoms are a comprehensive safety and security tool for any workspace Deliveries of packages, work-related materials, or even food are common in any office or workspace. Video intercoms can assist in facilitating safe deliveries by visually and audibly confirming the identity of the individual. The visitor could be your next big client, your lunch delivery, a fellow employee with a faulty access card, or your mail. Video intercoms are a comprehensive safety and security tool for any workspace. Visitor management systems Video intercoms provide a cost-effective solution in small to mid-sized office facilities - One significant advantage of video intercom systems is the variety of applications available. Systems range from simple one-to-one video intercoms, to buzz-in systems, to full-fledged visitor management systems in mixed-use buildings. While they might lack the resources and manpower many enterprises have, small-to medium-sized offices can also take steps to ensure the safety of their staff and customers. Like any business, controlling who comes into the building is a primary way of maintaining safety. Video intercoms work in conjunction with access control systems to provide an identifying view of visitors or employees with lost or missing credentials. They allow staff to both see and hear those on the unsecured side of the door to determine intent before granting access. Most quality video intercoms will provide a clear enough image to allow an identification card to be read by holding it close to the lens, adding another opportunity to verify identity. Touchless intercom activation One major trend is the option of providing a touchless door activation Video intercoms provide a touchless option - Even prior to COVID-19, one major trend is the option of providing a touchless door activation or touchless intercom activation of a video intercom for those without proper credentials. Though touchless isn’t a new solution to the access control market, the pandemic introduced a renewed focus on these types of solutions to provide hygienic access to visitors. For offices and other workspaces looking to make investments into post-pandemic solutions to assist in reopening, touchless can support these efforts. When it comes to smart, secure workspaces, many people think instantly of cameras or monitors, access control, and alarm systems. Proper access credentials However, video intercoms are often the missing piece of a building’s security puzzle. A video intercom provides an identifying view that is not always available from a camera covering a large area. They allow those without proper access credentials a method of requesting entry, and just like cameras, they can be activated by alarms to allow staff to clearly see and communicate. If a workspace or office is important enough to be secure, it’s important enough to be sure of who is there before the door is opened. In 2021, it’s not enough to ensure the physical security of your staff and visitors, but also to ensure they are accessing a hygienic environment. Video intercoms provide that security and peace of mind.