Keeping the physical assets of big enterprises secure is no small job. If your company has an annual revenue of over $500 million or more annually, you know exactly what we’re talking about. The task of creating a spot-on security budget can feel like an uphill battle. The common culprits? Lack of complete information about your security system and data that’s scattered across too many platforms.
In this article, we’ll talk about five things you can do to get your budgeting done right.
1. Kick things off with a physical security risk assessment
A recent Ontic 2022 State of Protective Intelligence report found that 9 in 10 security leaders had experienced a dramatic increase in physical security threats. Protecting your organization against these threats requires knowing where you are and building a security program that supports your organization’s goals efficiently and cost-effectively. But with threats constantly evolving, how do you know where to start? Leading security experts say you start with the classic physical security risk assessment.
What is a physical risk assessment?
A physical security risk assessment is a systematic analysis and review of your organization’s current security measures. It is intended to identify the risks to your facilities, evaluate existing security controls and procedures, and recommend improvements to reduce risks.
Here’s a basic outline of what you should plan to cover in your assessment. In sequence, they are:
- Identify potential threats and risks
- Analyze the impact of each identified risk
- Compare the analyzed risks with established criteria to prioritize the risks that will be treated
- Build a strategy to mitigate prioritized risks
- Implement the strategy
- Monitor the implementation and review at regular intervals
And, of course, the entire process should be documented and reported so it is easily understood by both your internal team and stakeholders.
One activity that is part of the risk assessment is a security system audit. We’ll cover that next.
2. Conduct a physical security system audit
A full-on audit of your current security system isn’t a task for the faint-hearted. It’s resource intensive but well worth the effort. This audit should help you identify any physical security gaps you have in addition to providing useful information about the devices in your security system, such as device age, warranty status, failure rates etc.
Typically, the lifecycle of a video surveillance system is ten years, access control is seven years, and intrusion detection systems are three years, depending on the system manufacturer, usage, maintenance, and other factors.
How to identify physical security gaps?
While there isn’t a one-size-fits-all answer to this question, there are some common physical security gaps that you may want to focus on:
- Identifying areas that are not covered by surveillance systems.
- High-traffic areas that lack access control.
- Information technology (IT) systems and equipment that are not monitored for unauthorized access.
- Public spaces that lack sufficient lighting.
In reality, this type of information is rarely centralized in most organizations. From spreadsheets to asset tracking systems to CAD Drawings, device-level information is rarely in one place.
With SiteOwl, security teams can aggregate device lifecycle information and generate readily accessible reports at the click of a button. This is a game changer for the security industry, which has traditionally resisted the integration of technology and relied heavily on legacy systems to manage physical security.
3. Estimate the cost of your physical security program
You’ve figured out what your security needs are. Now comes the tricky bit – figuring out how much it’s all going to cost. Prices can swing wildly when it comes to security measures, a little homework can be helpful. Make sure to reach out to a few vendors to get quotes. This should give you a ballpark figure for your budget.
Crunching the numbers for your security budget
When the budget season rolls around, frame your budget in a way that keeps your organization’s security needs front and center. Many organizations make the mistake of focusing on Capital expenditures (CAPEX) and Operational expenditures (OPEX), but neglecting to include the Total Cost of Ownership (TCO) of your security infrastructure can cost you more down the road.
As you work through your budget, don’t forget to include
- Installation and maintenance costs. How much will it cost to install your security infrastructure, keep it up and running, and operate it? Will a service contract work well in the long run?
- Cost of hardware and software components. While the price tag for these items can vary widely, the more information you have about security costs, the more accurate your budget will be.
- The cost of training your team. This is one category that is often overlooked. But here’s the bright side – you can spread out the cost of training over the entire life of the system. And by working with top-notch integrators and consultants, you can be sure that the right people are trained to use the system effectively.
- Upgrades and replacements over time. Physical security is changing rapidly, so it’s vital to understand how the cost of your security infrastructure will change over time. By using a data-driven approach to budgeting, you can better predict and plan for these costs.
Making budget planning a data-driven process
Historically, planning a security budget has been a manual process prone to human error. Also, security leaders often had to rely on other departments for their budget planning data. This is not good for security management, as it encourages short-term thinking and creates a lack of alignment between departments.
Times have changed, and security budgets are more complex now than ever. You need a robust budgeting process to ensure your figures are accurate. That’s where SiteOwl comes in.
With SiteOwl, security leaders can plan for the future by gaining visibility into the current state of their security infrastructure and using that information to create a budget that supports their organization’s security program.
4. Create a budget you can get behind
You’ve done your homework and have a pretty good idea of what your security measures are going to cost. Now you can create a physical security budget that you can actually confidently stand behind. To do this, make sure you have answers to these questions:
- What percentage of your budget should be set aside for CAPEX? Although much of the industry is leaning towards an OPEX model, CAPEX still takes the lion’s share of most physical security budgets.
- What slice of your budget should go to OPEX? Many security measures we take to protect our organizations come with a recurring price tag, making them a nice fit for the OPEX bucket. Some security measures, like managed service providers, cloud-based solutions, etc., also fall into this category.
- How will you demonstrate the value of the budget you propose? This is a critical question to answer and will require some thought and planning. Similar to industry-specific security requirements, your budget will need to be tailored to the needs of your organization.
Embracing the latest technologies that offer operational benefits is a great way to demonstrate the value of your budget. Let’s say you can show that your proposed budget will reduce the number of false alarms by 70%. This could save your organization money by cutting down the number of police and fire calls. The bottom line is that you want to show how your proposed budget will reduce the cost of your security program and deliver real value to your organization.
5. Expect the unexpected
While departmental and company-wide budgets are usually set at the start of the fiscal year, it’s a good idea to revisit them to ensure they’re still relevant. Even with the most meticulous data and regular reviews, life has a way of throwing curveballs. A piece of equipment could give up earlier than you expected, or a security breach could force you to make unexpected upgrades.
While you can’t plan for every eventuality, you can build a safety net. Make room in your budget for a contingency fund to cover unexpected costs.
Staying ahead of the game when it comes to threats and keeping a proactive stance hinges on having a clear picture of your physical security.
System performance visibility is a must if you want to make smart decisions about your security investments. With this visibility, you can:
- Measure how effective your security measures are.
- Predict when equipment will need a replacement or upgrade.
- Review performance metrics to help you spot potential issues before they occur.
- Take proactive steps to keep things running smoothly and reduce costs.
Cost savings with physical security lifecycle management
When it comes to physical security, lifecycle management is a smart way to keep costs down. If you have a plan in place to replace and upgrade equipment at the right time, you can dodge unexpected expenses and extend the life of your security infrastructure.
SiteOwl gives you a one-stop shop for managing your security system’s lifecycle, letting you make decisions based on hard data instead of old-school methods. No more flipping through binders, scrolling through spreadsheets, or wasting time on hold with the manufacturer’s support line to check if your security equipment is still under warranty.
Create your physical security budget in record time with pinpoint accuracy
To create a strong physical security budget, you need to understand your mission, know how much risk you’re comfortable with, and be clear on what resources you’ve got. With detailed info on the age, condition, and performance of your systems, you can make decisions with confidence.
By taking advantage of SiteOwl’s platform, you can speed up the budgeting process and keep an eye on ongoing security deployments and system performance in real-time.
Request a demo today!