The Real Bottom-Line Costs of False Alarms
Yaron Zussman Shares Insights into the True Financial Impacts that Perimeter Security False Alarms Can Have on a Utility and What You Can Do to Reduce Them
Utility security professionals know it takes a multilayered approach to have effective security. What might not be known is just how multilayered the financial impact of false alarms can be to a utility. We sat down with Yaron Zussman from Magos to talk about the bottom-line costs of false alarms and what your organization can do to ensure they are minimized.
Utility Security:
What are the biggest challenges utilities face when it comes to implementing a perimeter security strategy that minimizes false alarms?
Yaron Zussman:
One challenge I often see is that organizations might not be conducting a thorough enough risk assessment and survey for each site so that they can get better insights into what technologies best match the need. Additionally, if the utility’s security teams and/or integrators are not appropriately trained to install, maintain or operate these systems effectively, it can create a situation that leads to greater false alarms.
For example, radar and thermal cameras are often deployed, but it takes a certain level of knowledge and expertise to make sure those solutions are set up so that they aren’t overly sensitive and don’t create a lot of false alarms.
We live in a world of change. And when it comes to a strategy of minimizing false alarms, it’s really important for a utility to establish long-term partnerships with the end user, integrator and manufacturers to ensure ongoing optimization and consistent updates. This includes regular software and firmware upgrades, applied across all locations, especially for utilities with a large portfolio of sites.
Additionally, it’s vital that a utility deploys a dedicated sandbox testing system. Without a test environment, uncoordinated changes can lead to a domino effect of failures, especially when integrating multiple technologies.
Utility Security:
False alarms come with costs on many levels. Can you talk about the financial impact that utilities face when they experience false alarms?
Yaron Zussman:
False alarms can lead to significant financial implications for utilities, especially at critical sites. If a perimeter intrusion detection system (PIDS) generates frequent false alarms during testing, it can delay the commissioning of the site. Utilities operating these sites face steep fines. If a fully functional PIDS is not in place by a specific deadline, the penalties can range from tens of thousands to hundreds of thousands of dollars per day, depending on the site and regulatory agreements.
On a smaller scale, some false alarms—like mistaking wildlife such as a deer for a person—may have minimal immediate financial impact. In these cases, the Security Operations Center (SOC) operator can simply tag the event without physical damage to the site. However, if a real intruder is misclassified as a harmless animal, the consequences can be severe. For instance, an undetected intruder could engage in copper theft, equipment tampering or other damage, resulting in costly repairs, potential service disruptions and even compliance issues.
Beyond direct financial penalties, the operational costs associated with responding to frequent false alarms add up. Every time a false alarm occurs, security personnel must investigate, diverting resources from legitimate security needs. This not only increases labor costs but can also lead to alarm fatigue. This can lead to operators becoming desensitized to alarms, which in turn may lead to real threats being missed.
In some cases, excessive false alarms may lead to the need for utilities to replace the faulty technology entirely or continue investing time and resources to correct it. This process can be resource-intensive for all parties involved, impacting both financial and operational efficiency.
Utility Security:
What do utilities most often get wrong when they look to build out a system and a strategy that minimizes instances of false alarms?
Yaron Zussman:
One of the most common mistakes utilities make when building a perimeter security system is designing it in a way that prioritizes minimizing the workload on SOC operators by reducing the system’s capabilities. While this approach may reduce the number of alarms, it often compromises the system’s ability to detect real threats, leading to critical security gaps. The key is to strike a balance between alarm volume and system sensitivity without sacrificing security performance.
Another challenge is that decision-makers in the utility space often oversee multiple disciplines, not just security. As a result, they may establish site defense rules based on operational or financial considerations, which can deviate from security best practices. This can weaken the overall PIDS strategy and reduce its effectiveness against potential threats.
Additionally, there’s a misconception that if a technology performs well at one site, it will work just as effectively at others. In reality, each site presents unique risks, environmental factors and challenges, such as varying terrains, climates or proximity to populated areas. Conducting detailed site surveys and assessments is crucial to understand the specific needs of each location and tailor the system accordingly.
Utilities sometimes also fall short by failing to work closely enough with vendors and integrators during the planning and deployment phases. Selecting the right technology is critical, but equally important is ensuring it’s configured and maintained correctly to maximize its effectiveness and minimize false alarms.
To avoid these common pitfalls, utilities should focus on building a system that integrates security, operational and financial needs while still maintaining robust threat detection. This includes conducting comprehensive risk assessments, customizing solutions to the specific requirements of each site and fostering ongoing collaboration with security technology providers. By adopting a holistic approach, utilities can ensure their perimeter security system delivers accurate alerts while minimizing the risk of false alarms.
Yaron Zussman is the general manager of Magos America Inc. and has 20 years of experience in the IT and security industries. Before joining Magos, Zussman was the CEO of FST Biometrics America, a biometrics company focused on the frictionless access control market. He serves on the advisory board of several technology startup companies, including Securithings and Actall. Zussman is also a volunteer board member of the Foundation for Advancing Security Talent and a member of the Executive Advisory Board of the Security Industry Association.
- How Unified Physical Security Solutions are Helping Utilities
- Danger from Above: The Time is Now to Address Drone Risks
- Substation Security Challenges: Conducting Threat Assessments
- Reducing Copper Theft in the Electrical Sector: A Strategic Approach
- Will Your Critical Substation Survive an Attack?
- The Four Crucial Employee Security Skill Sets
- ISC East Offers Utility Security Professionals a Wide-Range of Industry Specific Education & Resources
- Five Questions with Utility Technology Association President Vicky Wilson Turner
- It’s the End of the Year As We Know It (And I Feel Fine)
- Why Utility Cyberattack Risks Continue to Rise
- The Real Bottom-Line Costs of False Alarms