CSC Gets Physical With Security

An interview with Mike Kenney, director of CSC’s physical security team

Many may wonder how a computer company gets into the physical security business, but no such question exists for Mike Kenney, an Operations Director with CSC’s Defense Group. On the way to CSC, his career path passed through Army Military Intelligence and the Defense Intelligence Agency, where he was a senior analyst for counterterrorism and antiterrorism. His interest in fighting terrorism became a passion after a personal friend was assassinated by terrorists in 1988.

Kenney recently talked with CSC.com about CSC’s physical security business.

CSC.com: CSC is known as an INFOSEC powerhouse, but physical security?

Yes. CSC has held a physical security contract (PM-PSE) with the U.S. Army since 1988. The CSC physical security team also has provided physical security services for the Department of Justice and the Library of Congress. With the current focus on Homeland Security, business is quite good.

CSC.com: Can you explain CSC’s connection with physical security?

Kenney: Security systems today are automated and computer-based. In many cases, they use databases that store information and retrieve it to allow certain things to occur. For instance, people are admitted into particular facilities based on data that is stored about them - a password or some other unkeying device.

Also, things you do in the physical security arena are not unlike things CSC does in support of IT projects. You get involved in requirements definition and analysis, then move to planning and design of a solution. Then you acquire the materials you need and implement the solution, and you integrate that into the system. The final step is life-cycle support - training, maintenance, warranties, and so on.

CSC.com: What’s the difference between doing security for the Army and doing it for a civilian agency?

Kenney: The big difference involves access. The military is not overly concerned with public access. They can and have a right to restrict access, as the circumstances require. On the other hand, where you have thousands of people coming into your facility every day - for example, the Library of Congress - there are many things you can’t or won’t do regarding security because public access is necessary to your business or mission. In that kind of scenario, you have to do more balancing between the need for access and the need for security. This goes back to requirements definition. It’s much harder to come up with a requirements definition for a civilian agency or organization that must be open to the public.

CSC.com: We all have experience with access control systems. Can you talk about more unusual security technology?

Kenney: We’re working on the Mobile Detection Assessment Response System, or MDARS, for the Army. It’s a robotic system fitted with various security-type sensors. We’re not developing the robotic platform, but we’re working with the Army to shepherd the system through the R&D milestones. That process is meant to ensure that it will work, that it fulfills clear-cut needs, that it meets government specs and requirements, and that there are manufacturers in a position to bid on it.

The vision for MDARS is that it will be not only a security system, but it also will use radio identification tags to conduct product inventories. For example, it’s patrolling a warehouse and saying, "Yeah, we had 100 stinger missiles and we still have 100," because it’s beaconed out 100 times and gotten 100 responses. It makes another run and "Uh-oh, there’s only 99!"

CSC.com: Aside from counting missiles, how do you know whether a security system is effective?

Kenney: It’s very difficult, particularly with terrorist threats. You can never know to what extent a security system has dissuaded a terrorist from attacking. And many people don’t appreciate that there is no absolute fix. You can execute the process perfectly all the way to the end. But then you can’t dust off your hands and say "I’m done." You’re not done. That does not mean you have to spend more money. You can vary routines and procedures just as easily as you can spend $100,000 on a new piece of equipment. And sometimes it’s just as effective. The point is that security is a constant process - an organization’s system must be constantly adapted to the changing threat as well as to the changing needs and requirements of the organization and the people it’s meant to protect.

Related Information:

Contact us and let our experience help you produce results.

Find out more about CSC’s security offerings.

Study the features and benefits of the PM PSE contract.

Find out more about CSC’s Homeland Security offerings.

Read CSC’s 25 recommendations for improving IT security.