Neocortical Security: a New Security Management Model for the 21st Century

Introduced here is the Neo-Cortical Security management model. It derives its name from the neocortex, which enables us to think, organize, remember, and cope with the everyday realities of life. There are six principles that make up the neocortical security model.

Research Based

Neo-cortical security must be intelligence led, based upon data, facts and reality. Therefore data collection, management and analysis are fundamental actions as they force one to focus on actual and not perceived threats. The data you collect will depend upon the issue. For example, suppose you are having a problem with laptop thefts. You may wish to collect information on what floors are being targeted, the specific location of the thefts, what day of the week and time of the day, how thieves are gaining access, what kind of laptops are being stolen and what data is on the laptops that are stolen. The idea is to categorize the information, analyze and compare and try to come to some specific conclusions about how to counter the thefts. Then you must take action and observe the results.

Research and study to determine what works in other settings, attempt to duplicate it and learn from it before applying it to other situations. This research before application has many benefits.

• It separates perceived risks from actual risks and offers quantifiable justification for security programs. In one example, skateboarders were causing considerable damage to a building plaza. By implementing some design changes, the area was made much less skateboarder friendly. The modification costs were easily made up by the savings on damage repairs.

• It exposes the security manager to consider new ways of dealing with old problems. For example, a property manager was struggling to cope with people going into emergency stairwells to consume alcohol, take drugs, etc. For years, security officers escorted them off the property. Finally, it was determined the best way was to eliminate the areas where they were conducting their business. Several spaces beneath the stairs were covered in drywall. They had no privacy and stopped coming to the stairwells. Problem solved.

• It provides the measurement and tracking of losses associated with risks.

• It makes possible a tailored security program for the various threats and risks associated with the business.

• It allows others to review, add, duplicate and challenge observations and findings.

• It makes possible the calculation of the return on investment to determine the appropriateness of the program. In the skateboarder example, let’s say the cost was $10,000 for repairs and $15,000 for dedicated security officers for a total of $25,000. It costs $5,000.00 to implement the design changes to eliminate the problem. The return on investment is $5 saved for every $1 spent.

Understand the Threat Horizon and Be Flexible

It must be fully understood there are multiple threats coming from multiple sources and we have to deal with them all. Divide the threats up into manageable and controllable portions. Do not deal with every threat at the same time. Develop protection programs for each threat. This may take several months to several years. Additionally, threats evolve and change over time. As defined by the concept of displacement, particularly with the criminal element, there are five types. They are by: time, method, type of target, location of the act, type of offence. Time: if criminals cannot break into a bank in the middle of the night, they may decide to rob it in the middle of the day. Method: if a thief cannot break through a hardened door, he may decide to talk his way past a receptionist instead. Type of target: a robber may choose to rob liquor stores instead of banks. Location of the act: instead of breaking into office tower A, a thief instead chooses office tower B. Type of offence: someone may choose to write bad checks instead of robbing banks. Displacement is very real and occurs on a regular basis. This does not mean protection strategies are irrelevant, it simply means they must constantly evolve to provide higher levels of protection.

Understand Ourselves

Security professionals must recognize their strengths and weaknesses, and know the limitations from both the human and systems perspectives. Capitalizing on strengths allows increase of skills and knowledge. For example, a large security department has a high cost of salaries. Justifying the salaries may be difficult, therefore the manager may seek to justify those salaries by offering a number of services that are not ordinarily offered. If training or knowledge is needed, it is incumbent upon the security professional to acquire those skills. Security professionals cannot place complete faith in themselves or others, nor can they place complete faith in security systems. No person or system is perfect. The pursuit of knowledge and training must not stop; the security profession is evolving at a dizzying speed.

Network Based

Thinking the security professional is alone in crime control, threat mitigation and risk reduction is incorrect. Security professionals must develop partnerships and networks. We must stop seeing other organizations as neutral, irrelevant or the enemy. We must recognize that providing security services and protection is not a competition between businesses or between the private and public sector.

A network can be composed of individuals, organizations, departments, a single security shift, computers, etc. Most of us are familiar with the classic hierarchal pyramid command structure, with a single node or leader at the top. This structure is common in law enforcement, the military and private security. This structure has its strengths but it also has its flaws. Chief among them is the bottleneck created in the decision making process. Generally speaking, the more senior the decision, the higher up the structure the authority to make that decision must go. This slows down reaction time.

The two parts to the network are the core and the peripheries. The core is characterized by dense connections between individuals. The core provides the steering mechanism for the unit as a whole. The core can be highly structured and enduring in nature, or loose, fluid and flexible. The core comprises senior departmental leaders and, depending upon the size of the department, number of sites, shifts, it may consist of several managers and assistant managers working together and meeting on a regular basis. Decisions are made when all available information is presented taking into account the needs of the clientele, organization, department, staff or others. If it is a single site with one manager, an assistant, shift supervisors and patrol officers encompass the entire structure, then the network would consist of the manager and supervisors. One of the earmarks of a successful security network is the degree of communication between nodes or members. Taking the network down to an operational level, a single shift can consist of a single security officer or a supervisor and several officers. The important thing is to remember the network is not a stand-alone entity. Whether it is a single officer or several, there are other nodes available. Does local law enforcement come on site? Depending upon the level one occupies, the network may consist of adjacent security managers, members of the local security organization, local law enforcement, other security officers in the area, a mobile patrol supervisor and staff at the site where you work. A simplified visual representation of this network may look like the following:

Apply Existing Theory, Practice and Research

There are a number of environmental crime control theories and practices such as Rational Choice Theory, Crime Prevention Through Environmental Design, Routine Activities Theory, Defensible Space Theory and Situational Crime Prevention Techniques available. Security managers should experiment with them. A security professional must learn what is required to motivate criminals to leave without causing a problem. Environmental crime control theories revolve around the location or potential location of the crime. This is a different focus from traditional social crime control theories which concentrate upon the offender rather than the offence. The fact is most social crime control theories are far beyond the control of individuals and fall under the auspices of government, religion and other institutions. Environmental crime control empowers the individual. Generally, it calls for the manipulation of the environment to detect, deter, delay and/or deny the criminal. It deals with ‘why’ an offender seeks to carry out their illegal activity at a micro level and moves away from ‘why’ does an individual generally carry out illegal activity. It provides us with the strategies to take control back from the criminal and is one of the lynchpins of neocortical security. Best of all, they work. In addition, law enforcement is far ahead in problem solving techniques and there are a host of resources available that are directly transferable to deal with security challenges.

Tripod of Security

The tripod of security refers to personnel, hardware and documentation. First, maintain an appropriate and effective level of security professionals. Personnel are the most important leg or component when it comes to the tripod of security. The second leg is ‘Hardware,’ which is the physical security components such as locks and keys, CCTV system, bars, fire alarm system, alarms, etc. The third leg is ‘Documentation,’ which refers to standard operating procedures, life safety plans, emergency response plans, etc. These three legs are vital to any effective, comprehensive protection program.

While the concept of neocortical security may be new to many in the private security sector, some of the issues making up the model are already standard operating procedures in certain segments of the industry. What has been missing is the framework in which to combine the theoretical and practical aspects of modern security practices and procedures into a single body.

The author gratefully recognizes the contributions of Col. Richard Szafranski (Rtd) of the U. S. Air force, and his wonderful document entitled “Neocortical Warfare: the Acme of Skill”. Szafranski’s essay appeared with several others in a document entitled: “In Athena’s Camp: Preparing for Conflict in the Information Age”.