Don’t be the smartest person in an empty room
One of the peculiar things I find about the security industry is how secretive we can be about what we do and how we do. I’m not talking about operational security matters of course. I’m talking about sharing information among professionals about how and why we do things the way that we do them. In this article I want to talk about the benefits, limitations and challenges of information sharing among peers.
Cyber does it better
One of the things I admire about both the scientific, academic and the cyber security communities is how well they open up their methods to external scrutiny and peer review. I’ve always been an admirer of the open source viewpoint in cyber security. Write the code and open it up to review by both your peers and competitors. A brave move but one that benefits everybody in the community. The same principles apply in the academic community. In the physical security sector, although I feel it is improving it is still a long way off. While there are a growing number of professionals out there willing to support and provide constructive advice and even criticism there are also a(much larger) contingent who will bemoan, begrudge and criticize from behind a keyboard. This knowledge is enough to keep many from sharing what they do and how they do it. Of course there is also competitive advantage etc. but that’s a poor excuse really.
I don’t want to give the impression that all areas or all professionals are at fault here. That’s not the case at all. There are some fantastic people out there in the industry who gladly and freely give up there time weekly to share information to the wider community for no personal gain to themselves.There is still a large majority who do not however. Particularly in the manned guarding, security consultancy and security training areas.
Why do professionals working in these areas keep their methods and processes to themselves. My opinion is that it’s largely out of fear and sometimes out of ego. “ It’s mine and it’s better than anybody else’s”. To some extent I can understand that. I have on multiple occasions been handed material that’s is my own by other trainers and from clients who got it from somebody else. One even forgot to take my name and copyright from the bottom of the slide. It’s a pretty common occurrence for some to raid the material of others and offer it cheaper. So it’s understandable from a business point of view. I’ve never been too concerned by it however. My experience above proves to me that taking someone else’s work and passing it as your own (regardless of how good the work is) doesn’t bring long term success. In the situation above I had a client coming to me who wasn’t happy with their previous provider. The previous provider was delivering my material. They came to me through my network. I delivered the exact same material and they are a happy client to this day. I actually think it give me the edge over the other supplier. If we are both in possession of the same content, process or material then we are competing on quality of service delivery. If they are cheaper and that’s what’s important to the client then I don’t want that client anyway. They will pay in the long run.
If we look around at of the traditional professions we can see that processes, procedures and content is shared among peers and competitors alike. That’s what happens when you want an industry to grow and not just a business. There is no point in 10% of the industry being excellent and the rest being poor. If the 10% helps and supports the 90% then the whole industry gets better. I’ve spent hours on the phone to peers and competitors giving advice and support or just a sounding board. I’ve been lucky enough in my career to have people do the same for me. I’ve shared templates and content and procedures freely. All with a desire to see others get better so that the industry can get better and I can get better.
My outlook is that if we can improve standards as an industry then it challenges me to constantly improve if I want my business to be regarded as a leader among that industry. Who wants to be the best of a bad bunch? What’s the point? I have no problem sharing any of my processes, procedures and content with anybody (obviously without breaching any client confidentiality) who works in the industry and I think others should move towards that outlook.In the manned guarding sector I think there is great scope for providers to work more closely together and share best practice better than they currently do. Assuming that your way is the best or only way of doing things is quite naive if you have never seen what others are doing.
This article is not a criticism. Its a call to action and a sincere request that as an industry we get better at sharing. Sharing what we do proudly and without ego. Sharing what makes us successful so that others can follow. It’s only if the whole industry’s reputation improves that our brand can improve. Whether you are a security manager, security trainer or security consultant there is much you can teach and much you can learn from your peers and your competitors. I leave you with this :