“The solution uses historic data to create a model of behavior for every device and real-time data to ensure components are properly performing in the present.”
It is no surprise that managing false alarms gets expensive. Within the United States alone, false alarms cost upwards of $3.2B each year, in addition to causing mental fatigue for SOC operators and officers. False alarms require larger security staff, cause work disruptions, and take attention away from legitimate risks. This adds up quickly, consuming valuable budget dollars that might otherwise be allocated for improved systems and services.
HUMAN ERROR CAN MAKE THINGS WORSE
When installing a security system, it is critical that end-points are properly aligned and tested to ensure they operate per the manu- facturer’s recommendations. Shortfalls can result in thousands of false alarms over the life of the product.
Another common problem can involve the lack of coordina- tion between personnel schedules and security system settings. Something as simple as arming a section of a building while em- ployees are still coming and going can trigger false alarms.
As the frequency of false alarms increase, SOC staff can lose trust in their own security systems. This often results in mask- ing or disabling problematic devices, which creates severe security gaps and blind spots that can put organizations at risk.
AI INTELLIGENCE AND AUTOMATION
SOLVES THE FALSE ALARM CHALLENGE
Artificial Intelligence, Machine Learning and Data-driven securi- ty platforms are transforming the industry. With domain-centric algorithms to detect false alarms and the speed and accuracy of machine learning, SOCs can now analyze entire security net- works and find weak spots that cause false alarms.
In effect, the AI-powered technology acts as a security nerve center, turning raw data into actionable insights. It optimizes physical security device settings and identifies equipment that needs attention or repair – all proactively.
The data provides additional insights about the devices that are not in good health or have the highest anomalies, the alarm threshold of individual sensors, the times of day with the highest alarm rates, the repair history of devices, and much more.
WHAT CUSTOMERS ARE SAYING
A global leader in software development deployed the AI-pow- ered SOC automation platform. Within few weeks, the compa- ny was able to eliminate false and nuisance alarms by 30,000 a month by optimizing over 350 devices.
As a result, their MTTA decreased by 50% and MTTR de- creased significantly by more than 75%. This gave the company the ability to scale up GSOC services globally without hiring ad-
ditional people, and all four SOCs experienced better productiv- ity rates globally. The project paid for itself in less than a year. The AI-powered technology proactively monitored over 5,500 de- vices. Further, the company was experiencing high Door Forced Open (DFO) and Door Held Open (DHO) alarms per month.
In few weeks, that count went down to merely one DFO alarm as the software automatically fixed the programming, configura- tion, and timing issues. The customer was also able to eliminate business disruptions and risks due to faulty devices and equip- ment. The software was able to detect more than 40 devices that needed repair, more than 140 devices that were showing signs of anomalous behavior, and detected and optimized more than 55 devices that went into an “alarm flood” mode. As a result, all of the company’s GSOCs experienced higher productivity, com- pliance to their internal Service Level Agreements (SLAs), and better performance from all GSOC operators and officers. There were fewer unnecessary dispatches of security guards, automatic notifications when devices required repair, and greater trust in the security system‘s performance.
ENHANCING SOC STAFF PERFORMANCE
Data-driven security automation platforms benefit SOC person- nel in many ways. They monitor Key Performance Indicators (KPIs) to help improve the performance of SOC teams overall. Such automation reduces the SOC alarm workload and allows operators to trust what their security systems are telling them.
From a managerial perspective, security management can monitor and assess the performance and outcomes for each SOC operator using meaningful metrics, including Unacknowledged Alarms, MTTA and Critical Alarms by site. Using these data- driven measures, management can acknowledge the contribution of high-performing operators, while also identifying skill gaps of specific individuals. Such insights can empower leadership to cre- ate improvement plans that will reduce risk and costs.
BIG RESULTS IN SHORT ORDER
AI-automation can provide remarkable results within days, as it begins eliminating 30 to 50% of false positive or nuisance alarms within a week of deployment, about 80% elimination of false alarms in few weeks and eliminates over 85% of false alarms in one year.
New and innovative SOC Alarm Reduction solutions are not meant to replace security personnel, but to make them more effec- tive. In fact, by freeing up operators and staff from tedious tasks and wild goose chases, SOCs can scale up their services using the funds that would otherwise go toward false alarm management.
This powerful new false alarm reduction technology is poised to empower security teams and system providers to
predict failures and take corrective action – im-
proving their performance ratings and operation
KPIs.
Ajay Jain is the president and CEO of Vector Flow.
34
SEPTEMBER/OCTOBER 2022 | SECURITY TODAY
FALSE ALARM REDUCTION