‘Security isn’t the standalone it used to be’ – Blending CCTV analytics with behaviour analysis

Former Met Police Inspector, Shaun Hilton, gives a preview of what he’ll be presenting at IFSEC on Tuesday 16 May, as he says the Manchester Arena bombings demonstrated the importance of cross-team communication.

The capabilities of modern security systems are best exploited in concert with “behaviour detection with a customer service approach”, according to former Met Police Inspector Shaun Hilton.

In the following Q&A Hilton, now an independent security trainer and consultant, previews his upcoming IFSEC 2023 talk on ‘Enhancing technical security solutions with behaviour analysis’ and considers the implications of Martyn’s law for how the security industry operates.

Hilton delivers courses for Tavcom Training and Super Recognisers and is a former Metropolitan Police Sergeant and inspector for armed protective security and counterterrorism units respectively.

IFSEC Insider (II): Can you elaborate on what your forthcoming IFSEC talk is about?

Shaun Hilton (SH): Behaviour analysis and how it fits into the development of the security solutions industry.

At Tavcom I cover courses around project management, business security consultancy and business continuity – so processes rather than the technical tools.

My background is policing and I’ve a long history of international deployment and training in behaviour analysis.

So when I look at how integrators work, they’re quite often very focused around how their products meet the performance specification that their client needs. But we also have to train those who use the equipment.

Because analytics are pretty much becoming the norm now. I remember when facial recognition first came out and the quality of the AI was very poor – that was only five or six years ago. We’re developing so fast.

But staff aren’t necessarily developing with it. So if you get a lot of analytics, who is actually going to do that work? Who is going to download it, look at the data? Is it purely a security function? Is it a hospitality function? It depends on your business.

But we also have to look at training staff to understand behaviour detection and be proactive.

The AI will identify, for instance, the typical routes that people walk through and identify a person who is hanging around, and so can the staff – so can we blend the two together?

The cameras only [perform] identification. What about actually confronting this person? How do we talk to them? How do we turn that into a hospitality benefit of helping someone out if they’re lost or confused, rather than: “I’m a security guard, you’ve been here too long”?

The more I move away from my background in law enforcement to working with private businesses, the better I understand how to use behaviour detection with a customer service approach.

We have to understand that security is not the standalone it used to be. Even with a crisis or business continuity issue, we don’t [necessarily] call out just security, we [might] have to link it with IT and customer service.

II: Do you encounter difficulties in persuading teams to collaborate in ways they traditionally have not?

SH: You do find people tend to silo. I found that in policing and I’m finding it in the private sector as well.

We get people working in a technical aspect who don’t tend to talk much with admin, finance or front-of-house people. It’s blending those roles, making the right people aware of things going on.

Projects that change the environment – do they tell security? A classic example was the Manchester Arena bombings, where we had development of the building and changes to the security layout, but they weren’t necessarily keeping each other informed. This led to blind spots with the cameras that allowed people to commit hostile reconnaissance.

Martyn’s law, which is going through [parliament] at the moment, will change some aspects of the way we deliver a security solution. [That will move] people away from a ‘yellow jacket’ approach to security personnel to being a professional body that does more than look at just evacuation.

II: In what ways might behaviour detection typically be used incorrectly?

SH: There is some evidence to show that when we start linking things together, say facial recognition and behaviours, the quality of the facial recognition needs to be understood.

If it’s a 35% hit rate, the person who’s been identified is more likely to not be the correct person – but it’s still worth talking to them. It’s still worth going through that process, looking at their behaviours and having that one-to-one conversation and clearing things up.

So we can blend [the technology and human dimensions], but again that links back to understanding and interpreting those new systems and how they work.

We have to understand why [anomalous] behaviour picked up by the analytics or staff is happening.

The person must be confronted face to face by somebody. Is that security? Is it front of house or customer service? There’s lots of ways we can use behaviour to increase sales or [improve] customer experience. It depends on the business.

Behaviour [in this context] is about anxiety that that can be [due to benign reasons like] “I don’t know what product to buy” or it could be hostile reconnaissance. We don’t know until we talk.

We need the training aspect to blend technology and behaviour detection. One can’t function without the other.

II: Anything else to add about your presentation or other security industry trends?

SH: I think the security industry is going to be affected by the [new requirements to protect] publicly accessible locations [mandated by] Martyn’s law. Where the boundary of a security solution used to be the boundary of the land, now we have to overlap that into what’s happening just outside the premises. If a museum, for instance, has a queue outside on the street, waiting to enter, who’s responsibility is that?

Do we need cameras in a public area? Then we have to think about the ICO [Information Commissioner’s Office] and regulations. So the issue gets more technical and focused on individual needs. It’s going to be an interesting time.

But what I want to do [at IFSEC] is just ask people: when you’re looking at a security solution, do we focus totally on [the] technical [side]? Or do we open the training door to what complementary things we can help our staff provide?

We’re already employing and paying them. A new technical solution security solution could be expensive. Are we making the best of [the resources] we already have?

And that’s a question for every client, every consultant, every security integrator.

Want to know more about Martyn’s Law? Listen to our exclusive interview with Figen Murray, the driving force behind the incoming legislation, below.