Secure by Design

Residential Security Handbook 2022: Smart Estate Living Editor's Choice, Residential Estate (Industry), Training & Education

Rob Anderson’s new book, Secure by Design: A Guide to Residential Estate Security, is a very welcome and necessary handbook on the South African electronic security scene. Not since the 2013, third edition, publication of the Consumer Goods Council of South Africa’s Recommended CCTV Industry Guidelines, has there been a more useful guide.

Not only has the past decade seen a surge in reported crime, but the perceptions of crime in South Africa have also played an important role in the continued fast pace of the development of residential estates and in many areas of our country, ‘gated’ suburbs. This growth has, of course, seen a concomitant growth in the number of security services and products serving these markets.

The growth of the latter and the recent harsh economic realities of our country, have seen the blossoming of many registered and unregistered security service providers providing, at best, questionable levels of quality advice and service in the electronic security environment, which they offer at cut-throat prices; the Afrikaans idiom, ‘goedkoop is duurkoop’, springs to mind here.

Being an electrical engineer by profession, with more than 20 years in the security industry, Rob approaches his topic from a practical perspective; the guide’s content is almost equally split between ‘theory’ and ‘practice’. The aim of Secure by Design is to educate all parties, whether security service providers, homeowners, or body corporate board members and provides a good basis to do so.

Perhaps the best approach, in a review such as this, is to list some of the contents of the publication and hope that it elicits the desired level of salivation by the reader.

Secure by Design has three Parts, covering a rather comprehensive and delightful number of subject areas:

Part 1 – The Principles of Security Engineering

1.1. Basic Security Concepts

1.1.1. The Crime Triangle

1.1.2. Crime Prevention Through Environmental Design

1.1.3. Risk Assessment and the CPTED Audit

1.1.4. Intelligence and Information

1.1.5. Investigation and Reporting Tool (the 5W1H)

1.1.6. The 5 Ds in Security

1.1.7. The Game of Numbers

1.1.8. What is Cyber Security and why should we be worried?

1.2. The Generic Solution

1.2.1. Guarding Staff

1.2.2. Electronics

1.2.3. Data/Cyber Security

1.2.4. Intelligence

1.2.5. Monitoring and Control

1.2.6. Security Management

1.2.7. The Audit Process

1.2.8. Entrances and Access Control

1.2.9. Perimeters and Detection

Part 2 – A Guide to Control Rooms

2.1. A Structured Approach

2.2. Defining Requirements

2.3. Engineered Approach

2.4. Key Components and Technologies

2.5. The Control Facility Spaces

2.5.1. General

2.5.2. Equipment Room

2.5.3. Administration and Management Offices

2.5.4. The Control Room

2.5.5. The Desk and Workstation Layout

2.5.6. Drawings and Sketches

2.5.7. Disaster Management

2.6. Putting the Ideas into Practice

2.6.1. Finance

2.6.2. The Construction Project

2.6.3. The People

2.6.4. Staff Hierarchy

2.6.5. Interpretation of Data

2.6.6. Managing the Control Room

Part 3 – Putting Principles into Practice

3.1. The Risk Assessment

3.2. Developing a Security Plan and Operating Procedures

3.2.1. How to Make a Plan

3.3. Security Plan

3.4. The Emergency Response Plan

3.4.1. Possible Emergency Events

3.4.2. Emergency Plan Procedures Outline Templates

3.5. Medical Emergency

3.6. Fire Emergency

3.7. Bomb Threat Emergency

3.8. Hostage Emergency

3.9. Armed Robbery Emergency

3.10. Civil Unrest

3.11. Extreme Weather Emergency

3.12. Applying CPTED and Undertaking a CPTED Audit

3.12.1. Design Principles

3.12.2. Considerations

3.12.3. Understanding the Concepts

3.13. CPTED Audit Template

3.14. The Standard Orders and Procedures Document

3.15. Access Control Schedule

3.16. Security Audit Checklist

3.17. References

Most appealing for me is Rob’s drawing together the various elements of a well-thought-out security programme, with a focus on the risk assessment as the cornerstone. He looks at the three component aspects of a properly considered security risk management system – the three Ps: People, Products (technology) and Paperwork (risk assessment, plans, procedures, etc.) which inform the design and selection of appropriate risk mitigation measures. The failure of far too many security risk management programmes is rooted in the absence of a properly conducted security risk assessment and a siloed approach to implementing and managing the risk mitigation measures.

Another big plus for me is the short section ‘The People’, buried away about halfway through the guide. It would be great to see a bit more comprehensive guidance on this, as people failures are a large cause of electronic security systems failing to perform optimally. However, I understand in taking a dig at Rob, that people and engineers don’t always get on well together.

A further useful aspect is the provision of several document templates to aid those people establishing or wishing to improve the documentation of their security management system. In my experience, basing a set of procedures, etc. on a Quality Management System such as the ISO 9001 QMS standard, is very useful and enhances the level of the security service, if conducted properly.

It is very pleasing to see that the important aspect of cybersecurity and data/privacy is covered in this guide, because it is still ignored in far too many instances. However, I believe that a bit more space should have been given to the legal aspects, such as those contained in the Protection of Personal Information Act, No. 4 of 2013.

Indeed, perhaps a future edition could list the legislation which applies to electronic security and the data collected and stored by an estate’s security services and offer guidance as to whom, between the estate’s governing body, management and security service provider/s is responsible for which aspects of cybersecurity and data/privacy protection. Allied to this would be some guidance of the principles of ‘secure design’, given that many networked devices (IoT – Internet-of-Things) used in electronic security are still not sold with acceptable levels of built-in security.

Another opportunity for improvement in my view, would be to list in the References section, a comprehensive selection of relevant standards, such as those published by the various standards development organisations, for ease of reference.

The final analysis: A ‘must-have’ for those who have an interest in implementing or reviewing their electronic security systems as an integral aspect of their estate’s professionally run security risk management programme.

For more information on obtaining Secure by Design: A Guide to Residential Estate Security, got to

Bruce Robertson.

Bruce Robertson is a security governance and management consultant in the converged security field, with 35 years’ experience in the Police Crime Intelligence, corporate and private security environments (the latter in the EMEA context). He is a member of, inter alia, SABS/TC 0068 ‘Electrical and electronic security systems’ and SABS/TC 0001/SC 40 ‘IT Services Management and IT Governance’ (also serving as a SABS representative on ISO/IEC JTC 1/SC 40) and follows the activities of the major foreign regional and national standards development organisations in this regard. Bruce is a past chairman of the South African Institute of Security (SAIS).


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The benefits of investing in whole-house surge protection
Smart Home Automation Security Services & Risk Management Residential Estate (Industry)
When you consider that the potential for equipment damage can run well into the hundreds of thousands of rands, whole-house surge protection is a worthwhile expense.

Are you your insider threat?
Technews Publishing Editor's Choice Security Services & Risk Management Commercial (Industry)
Insider threats are a critical aspect of risk management today, but what happens when it is the owner of the company acting fraudulently and making sure none of his staff can catch him?

Passion, drive and hard work
Technews Publishing Editor's Choice CCTV, Surveillance & Remote Monitoring Security Services & Risk Management
Colleen Glaeser is a leader in the security market, having made her mark in the male-dominated security industry through determination and hard work, along with a vision of making the world a safer place.

System integrators and surveillance
Technews Publishing Stallion Security G4S Secure Solutions SA Integrated Solutions
Hi-Tech Security Solutions asked two system integrators if they are seeing an upturn in the market and if projects are back on track despite the economic slowdown and supply chain chaos?

2022 trends in video surveillance
Eagle Eye Networks Editor's Choice CCTV, Surveillance & Remote Monitoring Integrated Solutions
Eagle Eye Networks predicts what will impact the video surveillance industry in the coming year and how to seize opportunities and forge a path to success, even amid ongoing uncertainties.

The impact of AI-enhanced video analytics on control room personnel
Leaderware Editor's Choice CCTV, Surveillance & Remote Monitoring
What impact do AI-capable detection systems have on control room staff, and do they mean a change in the demands on operators and the type of people you have in the control room?

To be or not to be, is that the objective?
Iris AI Editor's Choice CCTV, Surveillance & Remote Monitoring News
Gerhard Furter joins a discussion on the nature of sentience in artificial intelligence. Do we actually know what sentience is, or are we overestimating our human capabilities?

Leaning into the edge
Technews Publishing Axis Communications SA Forbatt SA Hikvision South Africa Editor's Choice CCTV, Surveillance & Remote Monitoring Integrated Solutions IT infrastructure
Video storage and analytical processing, with the help of artificial intelligence on the edge, is simple today with the powerful and advanced camera technology we have available.

From the editor's desk: The last CCTV Handbook
Technews Publishing News
Welcome to the CCTV Handbook 2022, I hope the headline caught your eye. This really is the last CCTV Handbook Hi-Tech Security Solutions will ever produce, but it is not the last handbook about surveillance ...

The cybersecurity consolidation conundrum
Editor's Choice Cyber Security Healthcare (Industry)
Check Point discusses why less is sometimes more when it comes to securing your organisation from the innumerable cyberattacks happening every day.