Real Words or Buzzwords?: Situational Awareness – Part 1

This is the 21st article in the “Real Words or Buzzwords?” series about how real words become empty words and stifle technology progress, also published on

By Ray Bernard, PSP, CHS-III

Across the physical security industry, the label “situational awareness” has been applied to products and systems that weren’t advanced enough to provide the capabilities truly needed.

In earlier decades, a common cyclical approach to physical security technology selection and deployment was to (a) attend a security conference technology show floor, (b) select a technology that seemed to best fit the price and security operations requirements, and then (c) work around the technology shortcomings using people and process. Then, after the security technology capital expense had been amortized (usually five years), head to another security conference and search for technology worth upgrading to (typically via “rip and replace”). That approach stopped working once security technology expanded beyond standalone site-specific deployments.

The transition from analog to digital technology and the resulting advances in security product capabilities, have forever changed the physical security technology landscape. It is not feasible to rip and replace physical security systems across an entire global or national enterprise. A new design approach is needed to enable end user customers to develop an evolvable intelligent technology infrastructure (illustrated here), one that provides the operational capabilities needed to respond to changing risks and changing organizations. An important part of that technology infrastructure should be situational awareness capabilities.

The Search for Situational Awareness

Years ago, it became apparent that the era of accelerating technology advancement had arrived. Data mining, machine learning and advanced analytics techniques had emerged in manufacturing operations, business management and other sectors. Seeing this, I was prompted to search for a physical security “situational awareness platform” that could live up to its name. Over the past two years, numerous vendors have promoted their offerings as situational awareness platforms or solutions, yet all the scenarios and examples I have been shown fell far short of my end-user clients’ security operations’ needs.

Security Operations Center (SOC) staff would process alarms, and Emergency Operations Center (EOC) teams would consume risk information feeds and geographical map information, but the burden was almost entirely on the staff to assess and define the situation, coordinate responses, and deal with communicating the unfolding situation. There was minimal support from security technology platforms, apart from active video surveillance and review of video recordings. A considerable amount of human effort was involved in managing incident response. The security system tools did not encompass response team and resource management, even on a small scale. The burden of situational awareness would transfer quickly from technology platforms to individual operators, where human capabilities can only go so far.

For example, small incidents, like two trespassers on facility grounds or door forced open alarms, were easily dealt with. After viewing a video display automatically triggered by the alarms, a security officer would be dispatched to respond the alarms. Video systems would provide tracking to help officer response to situations like a terminated employee gaining unauthorized building access by tailgating. However, on close examination, it could be seen in these incidents that the actual situation wouldn’t be understood until an officer directly observed or engaged in dialogue with one or more threat actors, which can be a very risky approach.

Can True Situational Awareness Be Achieved?

I’m not saying that current-day video system and other technology capabilities are not impressive and critically important. They are. However, my observation of the use of situational awareness technologies was that for most incidents, “alarm awareness with remote observation via video” would have been a more fitting description than “situational awareness”. Situational awareness usually occurred mid- or post-incident.  When the responding officer achieved situational awareness, it often couldn’t be communicated, because even brief radio use would interrupt effective handling of the offenders being confronted. When a multi-person or multi-team response was required, achieving real-time situational awareness at the operational level was rarely possible.

In the preface to their 2011 book, Designing for Situation Awareness: an Approach to User Centered Design, Second Edition, authors Mica R. Endsley and Debra G. Jones describe a situation that prevails across many industries and management domains, not just physical security: “While a clear understanding of one’s situation is undoubtedly the critical trigger that allows the knowledge, skills, and creativity of the human mind to be successfully brought to bear in shaping our environment, very often people must work uphill, against systems and technologies that block rather than enhance their ability to ascertain the information they need. Knowledge in a vacuum is meaningless. Its use in overcoming human problems and achieving human goals requires the successful application of that knowledge in ways that are contextually appropriate. Yet, across a wide variety of engineered systems, people face an ever-widening information gap—the gulf between the data that is available and the information that they really need to know.”

In physical security, it isn’t quite the case that technology blocks the ability to obtain information, rather it is that product and system capabilities are insufficient to obtain and share the information needed. I believe that this primarily results from a poor concept of what situational awareness means in the context of security operations. The label “situational awareness” has been applied to products and systems that weren’t advanced enough to provide the capabilities truly needed.

In the physical security industry, the adoption of information technologies to provide situational awareness functionality has to date been done mostly using a technology-centered approach, rather than a human-centered approach. If you doubt this, perform an Internet search on “Total Situational Awareness” and check the results; the articles relevant to physical security are centered around technologies.

Can We Truly Achieve Situational Awareness?

Wikipedia provides an excellent article on the topic, which opens with this definition: “Situational Awareness or Situation Awareness (SA) is the perception of environmental elements and events with respect to time or space, the comprehension of their meaning, and the projection of their status after some variable has changed, such as time, or some other variable, such as a predetermined event.” That’s a very high-level conceptual definition. However, the article then proceeds to present a look at the full landscape of situational awareness, including a good diagram of the factors involved in a human-centered approach to achieving situational awareness.

The next article (Part Two) on Situational Awareness will provide an operations-level definition for “situational awareness” that fits security and emergency response requirements. It will apply the diagram (of a human-centered approach) to specific risk scenarios. And it will reference materials that include 16 risk-specific examples that illustrate the breadth of requirements for security situational awareness and incident management. You’ll be able to take this knowledge and understanding with you to the next security trade show you attend.

Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities ( He is the author of the Elsevier book Security Technology Convergence Insights available on Amazon. Mr. Bernard is a Subject Matter Expert Faculty of the Security Executive Council (SEC) and an active member of the ASIS International member councils for Physical Security and IT Security.