Security Operations Centre (SOC) Teams: Unseen heroes at heart of security
Highly regulated and running 24/7, security operations centres (SOCs), and the operatives within them, are the unseen heroes behind an effective remote security solution.
Arguably the cornerstone of remote security services, SOCs, sometimes referred to as ARCs (Alarm Receiving Centres) or Control Rooms, respond to a wide range of incidents on a daily basis. Operatives work under pressure to protect people, property and client assets, utilising the latest technology in unison with their own human judgement.
Life on the front line
No two days are the same in a SOC. Operating round the clock, SOC teams are trained to respond quickly to a range of incidents – from CCTV, fire and intruder alarm activations, lone worker alerts and break-ins to serious violence or locating and contacting individuals caught up in attack or high-risk situations.
In many situations the stakes are high. Operatives must maintain contact with the individual concerned and make the right decision quickly to minimise risk or threat to life. They will liaise with the police and emergency services where needed, as well as keep the client updated, and carry out post-incident reporting and analysis to ensure that processes are working effectively.
In a fast-paced and high pressure environment, it takes a unique individual to deliver the level of service required for SOC excellence.
Meet the team
Carefully selected operatives are at the heart of every successful SOC. As you might expect, applicants go through a rigorous screening process in compliance with BS 7858, as well as additional checks and verifications required by a SOC’s client base.
Those from security and non-security backgrounds can apply, indeed, SOC roles often attract candidates from a customer service, technical or help desk background, as well as those who have previously worked in emergency services control rooms. Applicants need to have excellent communication skills, a confident manner and crucially, the ability to stay calm in crisis situations. They must remain alert and vigilant at all times.
Regardless of background, all recruits receive comprehensive on-the-job training, as well as ongoing professional development to keep them at the forefront of SOC excellence. Considering the high-pressure nature of the job, individual wellbeing is important, with discounted gym memberships, healthy food and access to counselling provided in a well-run SOC.
Working with local emergency services
Invaluable to clients, SOCs are also a resource to police, fire and ambulance services. For instance, SOCs frequently receive CCTV requests from police and, after clearing client permission, assist in providing evidence and identifying criminals.
Responding to lone worker panic alarms now accounts for a large part of the SOC operative’s role. Once an alarm has been picked up, operatives alert the police if there is a threat to life, or ambulance if medical assistance is needed, all the while staying in contact with the lone worker.
A recent example of how Securitas’s SOC worked closely with local services involved a lone worker who faced a serious threat of violence. Within seconds of the panic alarm, the operative had assessed the situation and requested police attend the scene, whilst reassuring the individual help was on its way. In another case, the SOC was able to quickly request medical assistance for a mobile officer, as well as dispatch colleagues to attend while they waited for the ambulance.
Similarly, during the Westminster terror attack in August 2018, the SOC was able to search for and locate users of a mobile-based tracking app in the vicinity. A geo-fence was set around the Houses of Parliament and Westminster to identify individuals at risk. One person was tracked and contacted immediately to confirm they were safe and well. The SOC was also able to feed back to the individual that police had the situation under control.
Systems and technology: the future SOC
SOCs are designed to ensure zero downtime, including during maintenance or system upgrades. Disaster recovery plans, in line with industry standards, are vital, including the ability to provide continuity of services in the event of a major, unforeseen incident which may require the SOC team to relocate to a disaster recovery site. Suppliers to a SOC face stringent due diligence checks to ensure their systems are fit for purpose.
For those responsible for SOCs, the Centre for the Protection of the National Infrastructure (CPNI) provides advice and guidance on some aspects of their design, implementation and management.
Security technology is evolving all the time and cyber security is now as important as physical security, with SOCs needing cyber security certification. Cloud-based, hosted systems can be used to improve resilience but raise questions around GDPR which need to be carefully considered.
The security industry is moving from reactive to intelligent predictive solutions which the SOC is central to providing. Future uses of AI and automation to enhance monitoring will improve the SOC’s ability to evaluate data and predict threats before they happen. Equally, open source intelligence and behavioural analytics will improve security delivery for clients and the wider population.
And as technology improves, so too will people performance. Upskilling teams in the control room, alongside new tech adoption, is key to achieving the perfect balance and allowing our SOC heroes to excel.
Chris McNally Remote Services Director and Omar Abu-Rish SOC Excellence & Insight Manager
Securitas Company Profile with links to other articles from Securitas in City Security magazine
The evolving role of security and technology by Craig Robb, Chief Commercial Officer, Securitas UK