Reducing Overall Costs

How AI reduces false alarms and overall costs

• By Ajay Jain
• Sep 19, 2022

By design, physical security systems warn security staff of intrusions or abnormal behavior. Unfortunately, they get it wrong most of the time. The vast majority of alarms are either false or “nuisance” alarms caused by innocuous events triggered unknowingly by humans, or by the wind, or by an animal crossing a protected area or even by equipment failure.

Chasing down false alarms at large facilities can easily overwhelm Security Operation Center (SOC) staff, distracting them from real events of interest, as well as from other important tasks and services they could otherwise be providing.

In an overwhelming majority of instances, enterprise organizations do not have enough security staff to review the volume of daily security alarms and requests they receive. This often results in a growing backlog of events to investigate, repeat alarms simply being turned off and ignored, and staff burnout, all of which increase costs and decrease efficiency.

In the face of this chronic problem, SOCs can now turn to a powerful, AI-driven solution that detects the root cause of the false/nuisance alarms and further automates the process of false alarm reduction in a systematic way. Using AI and machine learning technology, security staff can rely on software that proactively analyzes and remediates the conditions that lead to false alarms throughout buildings and facilities. This has never been done before.

Automated, AI-driven algorithms can analyze thousands of alarms every minute and classify false alarms with tremendous accuracy. The solution uses historic data to create a model of behavior for every device and real-time data to ensure components are properly performing in the present.

The software robots, dedicated to every door or a device, identify the root cause of the alarms from doors or devices, and then applies advanced logic to fix the vulnerabilities and faulty configurations within the defined guardrails. AI-software does all the heavy lifting to remedy false alarms using its own internal data, allowing SOC teams to focus on real events of interest and other service offerings.

The Many Costs of False Alarms
There are various ways of measuring the costs of the false alarms. Depending on the size of the organization, a SOC can field thousands of alarms each day. On average, it takes 10 to 30 minutes for an operator to verify each alarm via video, then, many times, dispatch a security officer to investigate – only to discover that there is not a threat.

Costs may increase, as the Mean Time to Acknowledge (MTTA) and Mean Time to Response (MTTR) for alarms remain high due to deluge of false and nuisance alarms.

It is no surprise that managing false alarms gets expensive. Within the United States alone, false alarms cost upwards of $3.2B each year, in addition to causing mental fatigue for SOC operators and officers. False alarms require larger security staff, cause work disruptions, and take attention away from legitimate risks. This adds up quickly, consuming valuable budget dollars that might otherwise be allocated for improved systems and services.

Human error can make things worse
When installing a security system, it is critical that end-points are properly aligned and tested to ensure they operate per the manufacturer’s recommendations. Shortfalls can result in thousands of false alarms over the life of the product. 

Another common problem can involve the lack of coordination between personnel schedules and security system settings. Something as simple as arming a section of a building while employees are still coming and going can trigger false alarms.

As the frequency of false alarms increase, SOC staff can lose trust in their own security systems. This often results in masking or disabling problematic devices, which creates severe security gaps and blind spots that can put organizations at risk.

AI intelligence and Automation Solves the False Alarm Challenge
Artificial Intelligence, Machine Learning and Data-driven security platforms are transforming the industry. With domain-centric algorithms to detect false alarms and the speed and accuracy of machine learning, SOCs can now analyze entire security networks and find weak spots that cause false alarms.

In effect, the AI-powered technology acts as a security nerve center, turning raw data into actionable insights. It optimizes physical security device settings and identifies equipment that needs attention or repair – all proactively.

The data provides additional insights about the devices that are not in good health or have the highest anomalies, the alarm threshold of individual sensors, the times of day with the highest alarm rates, the repair history of devices, and much more.

What customers are saying
A global leader in software development deployed the AI-powered SOC automation platform. Within few weeks, the company was able to eliminate false and nuisance alarms by 30,000 a month by optimizing over 350 devices.

As a result, their MTTA decreased by 50% and MTTR decreased significantly by more than 75%. This gave the company the ability to scale up GSOC services globally without hiring additional people, and all four SOCs experienced better productivity rates globally. The project paid for itself in less than a year. The AI-powered technology proactively monitored over 5,500 devices. Further, the company was experiencing high Door Forced Open (DFO) and Door Held Open (DHO) alarms per month.

In few weeks, that count went down to merely one DFO alarm as the software automatically fixed the programming, configuration, and timing issues. The customer was also able to eliminate business disruptions and risks due to faulty devices and equipment. The software was able to detect more than 40 devices that needed repair, more than 140 devices that were showing signs of anomalous behavior, and detected and optimized more than 55 devices that went into an “alarm flood” mode. As a result, all of the company’s GSOCs experienced higher productivity, compliance to their internal Service Level Agreements (SLAs), and better performance from all GSOC operators and officers. There were fewer unnecessary dispatches of security guards, automatic notifications when devices required repair, and greater trust in the security system‘s performance.

Enhancing SOC Staff Performance
Data-driven security automation platforms benefit SOC personnel in many ways. They monitor Key Performance Indicators (KPIs) to help improve the performance of SOC teams overall. Such automation reduces the SOC alarm workload and allows operators to trust what their security systems are telling them.

From a managerial perspective, security management can monitor and assess the performance and outcomes for each SOC operator using meaningful metrics, including Unacknowledged Alarms, MTTA and Critical Alarms by site. Using these data-driven measures, management can acknowledge the contribution of high-performing operators, while also identifying skill gaps of specific individuals. Such insights can empower leadership to create improvement plans that will reduce risk and costs.

Big results in short order
AI-automation can provide remarkable results within days, as it begins eliminating 30 to 50% of false positive or nuisance alarms within a week of deployment, about 80% elimination of false alarms in few weeks and eliminates over 85% of false alarms in one year.

New and innovative SOC Alarm Reduction solutions are not meant to replace security personnel, but to make them more effective. In fact, by freeing up operators and staff from tedious tasks and wild goose chases, SOCs can scale up their services using the funds that would otherwise go toward false alarm management.

This powerful new false alarm reduction technology is poised to empower security teams and system providers to predict failures and take corrective action – improving their performance ratings and operation KPIs.

This article originally appeared in the September / October 2022 issue of Security Today.