Bias vs. Experience in Physical Risk and Vulnerability Assessments 

In anticipation of GSX, we sat down with presenters of upcoming sessions in order to get a better understanding of the topics at hand. This week we are featuring, Bias vs. Experience in Physical Risk and Vulnerability Assessments,” presented by Terry Conlon, Commercial and Training Manager at RFC Security Group, Benjamin Crum, PSP, President at Architectural Security Design Group, Joseph Hendry, PSP, Senior Director of On-Site Services at Navigate360, and Drew Neckar, CPP, President at Security Advisors Consulting Group. Read on for what they had to say and don’t forget to register for GSX 2022

Q: How did you become interested in your topic? 

BC: Professionally, I have been designing K-12 Schools for over a decade and while physical security has always been an aspect of that, we are really seeing it take more precedence.  My journey began with earning my CPTED Professional Designation.  Those classes had a mix of people with different professions and backgrounds, and I had the opportunity to talk with classmates about their experiences and compare how we approached things.  I noticed that clients would tell us they had a security survey done, but the recommendations would have a negative impact on the overall design or not meet building code requirements, because these reviewers weren’t experienced in architecture or building design.  So I started asking, “how can we design these building elements so they perform better?”  Then, I set out to better understand the different aspects of security design.  I also became active with ASIS International, got my PSP certification, and continued the conversation on how security reviewers backgrounds affect their recommendations.  I want to challenge security professionals to look at their background and see how it can create a bias, while also encouraging them to capitalize on their experience, then to go learn more about the areas they are unfamiliar with. 

Q: Tell us about your presentation and why should security professionals have this topic on their radar? 

DN: Every security program has either threats that they are blind to or potential mitigation solutions that they haven’t considered. Often these are the result of the security leader’s background and the fact that we all gravitate toward what we are most comfortable and familiar with. Maslow’s adage of “if your only tool is a hammer, it is easy to see everything as a nail” often holds true.  Effective examination of security risk and mitigation requires us to step into the unknown and try assessing the problem objectively, setting aside our preconceptions. Security professionals need to be aware enough of our own biases to realize that this time around it may be a screw or a bolt rather than a nail, and while we may be able to make an impact with our hammer, we would be much better off to open up the security “toolbox” and pull out a screwdriver or wrench. Our presentation will highlight times where we have used the wrong “tool” due to our biases or have seen others do so, and our advice and experience on getting past these biases to see and use the full contents of your “toolbox”. 

Q: What advice you would give security professionals interested in this topic? 

JH: I would tell them to open your mind beyond what you think a risk and vulnerability assessment is about. Coming from a military/ law enforcement background I found myself wanting to always approach physical risk assessment from that type of mindset. When I was studying for my PSP and started talking and working with other professionals in the life safety field from NFPA, Insurance Companies, K-12, Health Care, and industry product providers, (and yes, lawyers) I realized my viewpoint was too narrow and was colored with bias from my experiences. I was missing how many of the pieces fit together to form a comprehensive safety and security program. While I was thinking physical items and checking boxes, I was missing the cultural thought processes, plans, and training that make a security program work. I was also missing how some recommendations that may work in a military or law enforcement setting could be dangerous when not examined from a holistic approach. Overcoming my biases also helped me see how to help others overcome theirs when it came to certain problem-solving solutions that I may recommend in a comprehensive risk assessment. It’s about being open to professional development all the time. 

Q: How do you see this issue evolving in the next 2-5 years? 

TC: When we have a deeper understanding of the benefits of the unknown by way of a multi-layered professional collaboration in conjunction with the academic and professional understanding we can further enhance the overall proactive and reactive framework of physical security strategies resulting in far greater success. As we journey through the coming 5 years I envisage a security industry more collaborative, expansive, less myopic and far more open to an amalgamated future of academic and professional integration between multiple stakeholders and industries benefiting the physical security practitioners of the future thus mitigating the historical roadblocks of the passed.