Skip to main content

Not every command center is the same, but in general the types of things that can impact response and create bottlenecks can be broken into two categories— operational bottlenecks and system bottlenecks. Operational bottlenecks take the form of processes, procedures, and HR, while system bottlenecks typically take the form of overwhelming amounts of data stored in multiple different systems.

WHEN LOOKING AT OPERATIONAL BOTTLENECKS, HERE ARE A FEW QUESTIONS TO CONSIDER:

  • Are there enough operators on shift to adequately respond to the number of events that occur?
  • Can these operators handle this volume of traffic?
  • Are responses operationally consistent across the organization?
  • Are the processes operators follow the same every time, or do they rely on their individual knowledge and experience?
  • Are operators effectively trained for all the scenarios they’re likely to encounter on shift?

WHEN LOOKING AT SYSTEMS BOTTLENECKS, HERE ARE A FEW QUESTIONS TO CONSIDER:

  • How many systems are creating events?
  • Are events from all systems correlated into one central queue?
  • How many of these events/alarms are false?
  • Is the 80/20 rule in effect? (Are 80% of my alarms coming from 20% of locations?)
  • How many alarms are presented to operators that don’t require an action?
  • How are alarms prioritized, and is this prioritization consistent across systems?
  • How many different systems contain data required to coordinate a response?

Download the full whitepaper, Response Time: The Key to Better Security Outcomes, to learn more.