Rather than the traditional panel made up of security insiders from a variety of companies discussing a variety of topics, this year’s State of the Industry session took a slightly different approach. The audience, which outnumbered chairs, was treated to a more of a highly focused case study featuring three security and IT professionals from Paramount Pictures discussing the studio’s security overhaul to address a number of previous concerns.
Scott Phemister, Paramount’s executive director of Global Risk and Crisis Management, took the reins, walking attendees through the lot-centric approach to security the studio adopted previously to protect its 65-acre Hollywood property and the 150-plus buildings on that site. While Paramount’s perimeter security was top-notch, that approach left a lot to be desired. For example, it didn’t take into account the studio’s 25 off-site locations, special events and production and filming locations worldwide.
“Our global footprint is expanding, but our security program didn’t,” Phemister said.
As part of a new vision adopted in 2013, a new team was formed to enhance Paramount’s existing security operations center (SOC), the small space where security staff monitored 10 disparate systems that were generating more than 1,000 alarms a day. Adding to the challenge were manual analysis, an inability to prioritize alarms and paper-based procedures. The result was overlooked alarms and events, and slow, inefficient, untimely and inconsistent response.
Recognizing the security risks these factors introduced, Paramount embarked on a course to redesign its SOC and deploy a physical security information management (PSIM) solution to integrate its systems, analyze alarms, prioritize responses and implement predetermined workflows.
Based on security systems’ move to IP, Paramount’s security team worked closely with IT in determining its needs and evaluating solutions.
“There are 10 ways to skin a cat. You have to make sure the technology is applied in a way that actually provides benefit to the business,” said Jeff Reider, senior analyst for global risk and crisis management. “If you don’t have an IT partner when you’re evaluating solutions, get an independent third-party for the analysis.”
The relationship between IT and security is more than a theory for Paramount; it’s actually a mandate that comes from the top of the organization. Representing the IT side of the house, Steve Tiffany, Paramount’s director, studio systems, said that type of top-down support has been extremely valuable.
“It allows us to do what we do best while they can focus on what they do best,” ST said.
Following a discussion of the evaluation process, the three offered tips for a successful PSIM implementation (see box below) before sharing the results of their implementation, which went live in February 2015. In addition to consolidating 10 systems into one, within a month, the solution reduced the number of alarms by 93 percent by filtering out nonactionable alarms and events.