If you’re familiar with the long-running UK TV sci-fi series Doctor Who, you’ll know that the lead character (‘The Doctor’) and various adversaries have continually evolved since the show’s debut back in 1963. Our hero’s villains have all adapted, becoming more resilient, more devious in their behaviour to threaten the security of various worlds and, indeed, the Galaxy as a whole. This very neatly echoes the real-world security sector, argues Angus Darroch-Warren, whereby security managers need to stay one step ahead of the threats posed by criminals, employees and other villains on a daily basis.
Doctor Who has a classic foe, the Daleks, and Davros (their creator). These famous automated aliens have proven to be a classic fan-favourite ever since their first TV appearance. What’s interesting is the evolution of the Daleks, based on geographical location around the Galaxy and their hierarchy. They now feature strategists, commanders, scientists, soldiers, reconnaissance, drones and even the odd renegade. They’re no longer ‘tin cans on wheels’ and have even managed to work out how to conquer their biggest obstacle: stairs. While the Daleks pose a significant threat, The Doctor typically has the upper hand through ingenuity and exploiting their vulnerability – a reliance on pure logic.
In addition to the Daleks, there’s a whole raft of classic Doctor Who adversaries that The Doctor encounters on a regular basis, including the Cybermen (who were human, but have exchanged organs and limbs for artificial parts and search out humans to convert them to the cyber population). To keep the stories more realistic (if indeed they can be called that) and maintain interest, the series regularly introduces new and often radically different enemies to the traditional militaristic characters. This ensures that The Doctor and any allies are often firmly on the back foot when faced by the likes of the Postmen, the Emojibots or the Master (a rogue Time Lord who seeks to take over the universe and generally spread chaos and mayhem).
Likewise, in the real world, security managers continuously face an ever-changing threat landscape. We live in an age of increasingly diverse and developing threats both globally, from escalating tensions in the Gulf, activism, cyber crime (pure and enabled) and organised crime groups through to more localised issues such as opportunistic burglaries, personal attacks and increasing terrorist threats (some sophisticated, others frightening in their simplicity). It’s now more of a challenge than ever to mitigate fast-moving threats and solutions. Like our friend The Doctor, we too must continuously develop our processes in order to meet evolving adversarial challenges.
Perception of threats
Not so long-ago, a security manager’s main threat was likely to be criminal intruders looking to steal equipment, property and other assets. Rarely were commercial organisations planning for, and managing, threats from heavily armed terrorists. Yet the past two decades have seen this type of scenario become a real possibility in what is an increasingly unstable world.
This has triggered a very steep learning curve for security practitioners, suppliers, specifiers and installers along with employees and visitors to buildings who use security systems on a regular basis. By necessity, everyone (from the office cleaner to the CEO) in an organisation now needs to be security aware to ensure systems and protocols are effective and threat detection is not confined to a small number of people. Rather, it’s a shared responsibility.
Any ‘chink in the armour’ is a potential threat to the overall security of the organisation. We live in an age of the Internet of Things – a web of interconnected technology connected by and to the Internet. Physical security is increasingly a combination of integrated systems managed by the cloud. Any weaknesses (both physical and technological) in this armour can have serious consequences for the business and those working for it. It’s our responsibility as security managers to identify these potential weaknesses and act accordingly. In this way, and unlike The Doctor, we’re not caught on the back foot when facing threats.
Returning to our Doctor Who analogy for a moment, The Doctor is famed for not carrying or using weapons, but rather using wit, ingenuity and reasoning to thwart dangerous adversaries. While it isn’t possible for a security manager to do away with physical security tools, understanding the mentality and behaviour of threat adversaries and communicating the risks is a vital part of any modern security approach.
If you can understand the motivations and tactics of your adversary, it’s far easier to develop the security regime required to deal with and mitigate potential weaknesses, building in security advantages from this analysis.
For example, an intruder breaks through or bypasses a number of security layers, but fails to penetrate a restricted area and reach an asset. Evidently, a review and revised security risk assessment is required, opening up investigative opportunities from a root cause analysis perspective. The analysis will ask questions related to who the attackers were, what was their intent and their capabilities and why the defences were ineffective. Always take opportunities to analyse, rationalise and improve.
Another element that Doctor Who is famous for is the TARDIS, The Doctor’s vehicle for moving around in space and time which is (somewhat surreally) disguised as an old police call box. As with many other elements in the show, this too has evolved over the decades to better match the contemporary technology of the viewer. Characters can even call the TARDIS on their latest smart phone. However, the TARDIS has its vulnerabilities: it should be chameleon-like and change its appearance to match the environment. It needs a good overhaul largely because the TARDIS has been attacked by aliens, missiles, guns and other assorted weaponry. It does its job to protect The Doctor, who rather likes the familiarity of the TARDIS. It works, so why change it?
Technology evolution and integration have transformed the abilities and expectations of real-world security. Protective systems need to be upgraded within a defined life-cycle to mitigate potential vulnerabilities. Being able to monitor security systems and situations via a connected smart device, for example, is now commonplace. However, while technology evolution has many benefits for both security and convenience, it also presents new attack vectors for criminals.
Without a regime of upgrades, security technologies may create unforeseen vulnerabilities that can be exploited by our increasingly sophisticated adversaries. For example, if a smart device connection isn’t secure, it can be compromised. Converged systems may be hacked and security systems used to aid or enable criminal behaviour.
Doctor Who has a distinct fascination with machines superseding their creators and taking control (Davros, the Daleks and the Cybermen being the embodiment of this idea). Similarly, systems such as VMS, PSIM and ‘smart’ video analytics and sensors (supported by deep learning technologies) are reducing the need for human intervention when managing incidents.
Equally, the rapid development of Artificial Intelligence (AI) systems has the potential to massively boost security operations’ effectiveness (for instance, taking on the role of a surveillance observer covering amounts of footage which a human attention span would completely fail to monitor) and removing the risk of human error. Yet this incredible computing power doesn’t always work in our favour and can be manipulated by sophisticated criminals to overcome unprotected security measures. Every day, AI techniques are being used to steal data through social engineering. Chatbots are used to impersonate real people and copywriting styles and idioms. In this sense, we see a merging of technology with the human, creating a metaphorical ‘Cyberman’ of security risk.
Evolution of the security manager
One of the quirkiest (but also most fascinating) plot devices in Doctor Who is the ability of The Doctor to evolve (or ‘regenerate’) into a new body to continue fighting enemies. The Doctor has transformed from a crotchety old man at the outset, through quirky individuals with a penchant for jelly babies and on to impatient, insensitive and critical iterations until the latest incarnation – the first female Doctor. It has only taken some 55 years and 13 regenerations, so not dissimilar to the security profession.
While I’m not for one moment saying a security manager should morph into another person on a regular basis, developing oneself must be a continuous process. As time moves on, new generations of security professionals will come forward and take responsibility for managing security systems and meeting the latest threats. The manager is no longer simply responsible for ‘gates’ and ‘guards’, but also for enterprise risk management, data control, the convergence of systems and linking ‘IT’ with ‘security’.
The security industry thrives on development, and the latest generation of security professionals will undoubtedly develop new tactics and technologies to deal with the threats of the future. There’s much to learn from the latest technology and new thinking.
Continuing to build on previous experience is a cornerstone of security. 20 years ago drones were not an issue, ransomware a mere gleam in the cyber criminal’s eye and cyberbots an enjoyable, but fictional sci-fi antagonist. Specialist providers are able to provide technical and management training programmes covering the latest technologies and issues, while also building on years of hands-on experience.
As is so for The Doctor, a security manager’s key weapon in his or her arsenal is seeing the bigger picture. Security is no longer an isolated function of the business. I needs to be embedded into the organisation. A business still needs to trade, produce its products and interact easily with its clients/partners while maintaining the safety of all.
Doctor Who is all about teamwork (The Doctor always has at least one ‘Assistant’) and security is just the same. By building a winning combination of the most suitable technology, an effective team and awareness of the threat spectrum across the whole organisation, it’s fully possible to meet the challenges of future and evolving threats as well as the more familiar ones.
Angus Darroch-Warren BA (Hons) MSc PSP RISC CSyP FSyI is Director at the Linx International Group