In my last blog, I introduced two concepts, operational engagement and operational integration. I believe that both concepts are critical to the overall development of a genuinely proactive security organization. This week, I want to dive a little deeper into the concept of operational engagement.
Operational engagement is a term used to define the active expansion of security capability through the communication to and involvement of all staff in security operations. By all staff, I mean everyone, especially those who are not in Security. Non-Security stakeholder inclusion is an area where I think we see a lot of atrophy and abdication in traditional security practice. Atrophy in the way we may allow general complacency to enter how we connect with non-security stakeholders, and abdication in how we can sometimes see Security failing to lead through collaboration as a critical component of our overall security responsibility. In either case, failing to engage increases overall security vulnerability and fails to help raise the overall profile of the security program’s business enablement functions.
When we are thinking about operational engagement, we must think in terms of expanding our capacity through effective communication processes. Think in terms of force multiplication. Force multiplication is defined as a process or resource that extends the capacity and capability of your otherwise limited security forces. Effective operational engagement extends our eyes and ears and hardens otherwise soft targets within our organizations. It helps draw operational intelligence from more sources and expands what we know about vulnerabilities within our programs.
An excellent example of operational engagement is the use of regular safety huddle reporting. In a healthcare setting, we know that violence is a critical problem. We often see violence perpetrated on ancillary staff by a patient even though the bedside clinical staff and security staff know there are issues with that patient. But what has not happened is the sharing of the information more widely. Consider that if we can identify a high-risk patient, we can empower staff to be safer with that patient by sharing that information. Not just for our bedside staff but also every ancillary department that may be required to service that patient during their stay. This can only be done through effective engagement of the ancillary staff and their leaders in the information sharing associated with identifying high-risk patients. If this can be done effectively, then we can reduce assaults on our staff with that patient. That is a force multiplier well worth the investment.
What are your thoughts? How do you effectively engage your organization in security operations? Do you see the value of the operational engagement concept? Join the conversation in the comments below, and don’t forget to like, follow and share to support the Proactive Security Blog.