Proper data tracking and analysis are critical to the success of any business. At its core, data tells a story about what has happened, what is likely to happen, and what to do next. Prioritizing data can help security companies prove their value and improve the effectiveness of their processes and services. Clients like to see numbers, and having relevant data readily available gives security companies a competitive advantage.
What are security metrics?
Security metrics are quantifiable measurements used to understand how processes, systems or services are performing. There is a heavy focus on cybersecurity metrics, but data is just as important for physical security companies.
Metrics go hand-in-hand with key performance indicators (KPIs). Think of KPIs as your end goals, and metrics as the measurements you will use to determine whether the company is coming closer to achieving its goals. Some find it easier to establish KPIs first and then figure out what metrics they will need to use in order to determine the success or progress of the KPI.
Why do metrics matter?
Metrics allow security companies to prove their value to clients, which may persuade them to devote more money to their security budgets.
The metrics track and define productivity as well as cost avoidance, and they enable those analyzing the numbers to determine areas of weakness that should be addressed.
Data must be tracked over time; you won’t learn too much about your team’s performance in a month, but you will have a lot to consider with several years’ worth of metrics. If you are not currently tracking metrics, or don’t have a reliable system for tracking them; now is the time to start! Companies looking for a simple and affordable solution may consider a security software like Patrol Points. Not only does it streamline operations and data entry for staff, but it generates reports automatically.
How to determine which metrics are most meaningful
One of the most challenging parts of tracking metrics and setting KPIs is deciding which pieces of information will be more relevant and valuable to you, your team, and your clients. Those that have an established data tracking and measurement system would recommend starting by identifying risks or problems first. Once it’s clear what the client needs, you can come up with solutions and steps that will lead your team to success. Identifying KPIs first and then trying to find ways to attach them to existing problems can lead to disappointment and failure.
Avoid tracking unnecessary KPIs which will not inform future security strategies. Keep in mind that most KPIs also come with some level of cost. Whether it’s time or money, changing a process, recording data, and analyzing the numbers will use up resources. As such, it’s important to choose KPIs and metrics wisely.
Things to keep in mind when creating KPIs
Your security company’s goals should be SMART – that is simple, measurable, actionable, relevant and time based.
KPIs should not be overly complicated to measure. It should be clear why each KPI has been selected and how it will help your company, your client, or both.
The method by which each KPI is measured should be clearly defined and consistent. It’s easiest to measure numbers, so try to stick to quantitative measurements if possible.
You should be able to use KPIs to make smarter decisions. For example, after a year, you should have enough data to determine if a particular security strategy has helped to prevent a specific issue or behavior from occurring.
If what you are measuring is not relevant, it won’t provide any value to you or your clients.
KPIs should be used to show changes over time. An effective KPI will have a start date, and many will have end dates. You should also be able to organize data by days, months and possibly years.
Examples of what to measure
Below are just a few examples of KPIs and metrics that physical security companies might use.
|KPIs||What do we want to know about?||How will this be measured (metrics)||What is this measuring?|
|Number of guests signed in (Goal could be to have 500 sign-ins each month)||How many guests sign in to the building? Does the number look too low and are guests simply not signing in? How many guests need visitor parking? Is the number increasing, and if so, should an online visitor management system be introduced?||Number of guest entries/month Number of guest spots requested each month||Workload|
|Total number of incidents (Goal could be to lower incidents by 10% in 1 quarter)||How many security incidents occur in the building? Is the number increasing or decreasing, and what is the reason for the change? Do more security prevention strategies need to be implemented?||Number of events/ day (/guard) Number of events/ month (/guard) Number of events/ year (/guard) Number of events/ event type||Cost to value Key risks Workload|
|Number of incidents in parking lot, lobby and gym (Goal could be to minimize incidents in these facilities by 3% in 1 quarter)||How many incidents occur in each facility every month? Are certain facilities more prone to security incidents on certain days or months?||Number of incidents/facility/day Number of incidents/facility/month||Key risks|
|Resolution time (Goal could be to have 80% of incidents resolved on the same day)||How long is it taking your team to resolve a security incident? Is the resolution time acceptable? Are there process or technology improvements that can be made to reduce this time? Do staff require more training?||Resolution time measured in minutes, hours or days Average time to resolve an incident Average time to resolution/incident type Average time to resolution/resolution strategy||Mitigation success Process success|
Top security metrics for 2022
Curious to know what other security leaders are measuring? Security Magazine has released its Security Benchmark Report and has included the metrics that professionals in this industry care about the most.
In 2022, workplace violence risk management remained top-of-mind for security leaders and organizations. “In addition to being one of the most frequently cited metrics used by […] respondents, it was also the top-ranked ‘critical issue’ reported by security leaders this year,” states the report.
Cost avoidance and return on investment (ROI) were also ranked high-priority metrics. That’s because if security leaders can translate their data into evidence of strong cost and risk avoidance, they have an opportunity to prove their value to current and prospective clients. Moreover, proving a return on investment for expensive security services or technology can also make clients more inclined to renew contracts or invest more in security solutions.
Other metrics that made the list include:
- Shrink/loss performance and fraud recovery rates
- Cost of theft
- Risk management statistics
- Security standards compliance
- Volume of incidents, threat management cases, weapons detection statistics
- Resiliency statistics (time to recover)
- Investigations (cases, follow-up)
- Productivity statistics
Establishing a meaningful data measurement system can be a lengthy undertaking, but it’s worth the time and work. The new insights you get when metrics are properly applied often prompt changes to correct or optimize processes. But more importantly, you have the information you need to make informed decisions to elevate client satisfaction and your company’s performance.