The business of security
K Tech Consulting’s Jonathan Keith on its approach to building security, transparency between project stakeholders and market challenges
K Tech Consulting specialises in technical security and offers a variety of services including security audits, vulnerability assessments, conceptual design, project management, supervision and coordination, and commissioning management. The firm was set up in 2013 by Jonathan Keith, a technical security specialist with over 18 years of experience. Middle East Consulting sits down with Keith to discuss the firm’s early years, trends and challenges in the market.
Take us through K Tech Consulting’s early years in the GCC region.
We started the company as an offshore (freezone) company in DMCC in 2013, mainly carrying out work in Saudi Arabia. None of the work we were doing back then was in Dubai. When there was a slowdown in the economy in the Kingdom, we made the decision that we would concentrate in Dubai and, using some of my previous contacts, we managed to get some work here.
We then decided to shift to an onshore Dubai company, so that we could obtain certification as a Dubai Protective Systems (police) consultant. The process took us about six to eight months and once we obtained the certification, and because of my contacts, we managed to start off with two projects in quick succession. Thanks to the good work that we did on those two projects, we gradually increased our workload – we started with one person (which was myself), and we now have 10 people including consultants, engineers, CAD people and administration.
I started this company as I’ve always been in the security business, since the age of 19. This is what I know, and I decided in 2013 that starting a company was a good thing to do – and so far, it has proved to be a good decision.
What did 2018 look like for your business?
I think everybody was and still is looking for value for money. We won a lot of projects in 2018 and we are now in the supervision phase. We are concentrating on these and there is a lot of pressure in terms of getting responses back during the supervision phase of the projects, so we need to have a quick turnaround. As you know, the supervision phase is where K Tech is employed as a specialist consultant. Our engineers are required to carry out inspections and respond to submissions such as material submittals, drawing submittals, method statements, etc, and when we receive any of these submissions, we only have a certain amount of time to respond. Even though the KPIs are usually one or two weeks, people expect responses often by the same day or the next day, so the pressure is quite high to finish them and get the responses back.
While we have several ongoing projects, unfortunately we do see that there is a little bit of slowdown in the number of new projects coming onto the market. I’d say that we are receiving 25% of the number of RFPs we received last year.
As a result, we are trying to look elsewhere for business. We started working on projects in Abu Dhabi and we also have a military project in Kuwait, for example. We did have some projects in Qatar as well, and we finished all those – so simply put, we are trying to expand outside Dubai. We don’t wish to have all our eggs in one basket.
What about Saudi Arabia? What’s your view on that market today?
We see Saudi coming back a little bit. Obviously it’s a big market, and the difficulties will be similar to other Middle East countries, like contractual issues and payment issues. We see that happening and we often say to ourselves, “You’re in the Middle East and even if you don’t like to have these issues, you have to be able to live with it, otherwise there is no point and you should get out of it.”
We see some big projects in Saudi Arabia that we’d like to be involved in; however, we see that the Middle East is becoming extremely competitive. In Dubai, it’s competitive; however, we are licenced by the police, so it’s an advantage. However, in Saudi we don’t have that licence and must compete like everybody else. It’s challenging, but we will be focusing on Saudi more and more.
What projects does your firm get involved with, and how is security viewed in this region?
We come in when there are bigger assets such as buildings that people would like to secure, although some clients really don’t want to implement it fully because security is viewed as a grudge spend. Part of the problem is that the market looks at security too late, which means it costs more than planning the security early. On many of our projects, cost-cutting takes place because some people don’t see security as an advantage – it’s something they must pay for but really don’t want to. However, we are trying to educate people that it works together with building operations. We are trying to make security an advantage and plan everything early.
How does your firm tackle these market biases?
We try and educate most of the time. We also have the current legislation where we have a minimum requirement from the law. Some believe that the minimum requirement for the law is not what people need – for them, the law is too much – but we have to do it. In some cases, there are parts missing from the law that are required; that is something we have to deal with as well, whether it’s when you’re speaking to consultants or clients. We always try and ensure all parties understand the requirements and the spend.
That said, we also try to make sure that the cost for the client is the lowest possible. We try to not look only at the initial cost, we look at the projects over maybe 10 years. That’s our aim, yet a lot of the time, it’s not what people are interested in. A lot of the time, it’s a case of ‘this is the bottom line and let’s just get rid of what we can’. However, we know that by taking this approach, they are willing to incur more costs in the long run. I know on some of the projects we have, the project costs and the running cost of the building are not in the same budget, so the people who are doing the projects are not willing to pay the money – they would rather push it to somebody else.
When the building gets taken over, they [developers] build the building and the project cost is with the project. When it gets handed over, however, the running cost is with somebody else, so what they try and do now is try and get all this cost out of the project and push it to somebody else. The problem is that we know that cost can be 50% more if they don’t do it at the beginning. We try and educate them, and I’m sure that this issue occurs across all disciplines – it’s not just in security. Unfortunately, this is a region-wide reality and there’s a lot of pressure on budgets. It’s up to us all to help our clients.
What is your approach to educating clients and the industry as a whole?
Security is a little bit different. You’ve got the law, which is now given by an entity called SIRA, (Security Industry Regulatory Agency). They have a set of requirements that people have to meet, and you also have the client requirements. For example, we work mainly with developers and they have their own security guidelines – these are the main stakeholders – and then you have got the project team who is designing and building the project.
We must understand all these, coordinate and get across to everybody what the requirements are of each party. Obviously, the law is the law and once we have the developers’ guidelines, we educate the project teams and we work hand in hand with the architect, because in the end, this is who needs to deliver the overall design. We’re usually hired by an architect, and the way we must provide security requirements is through them as part of the design.
On a day-to-day basis, we coordinate with all of the architect sub-consultants on behalf of the architect and the end user. Right from the beginning, we start communicating with the client’s security teams, because we don’t like to miss any requirements that they have. Often, these requirements don’t match the initial design – people are coming from a different angle and we have to straighten this out and make sure that they are all going in the right direction. We are in the same process flow as the architects, so during the concept design, we do the threat and risk assessment of the project, which gives everybody a look that these are the threats and risks and we ought to do x, y, z in order to mitigate those risks. This goes to the client, and once that is approved, we understand that we have to go down a certain path.
Following the path, we go through the concept/schematic design, through the detailed design, and at every stage it gets approved. Quite often, when we get down to the end of the schematic and detailed design stages, they begin understanding the costs better and the pathway has a little bit of diversion. It’s important that we keep in communication and remain flexible.
With long-standing customers, they sort of know what we are going to do. They know the situation and they know that at some stage, there are going to be changes because of value engineering (VE) and things like this. What we have seen is the design is approved by everybody and everybody is happy, yet when they start to do the construction, often we get some changes in architecture or requirements, or we have to implement them in VE. Sometimes we do that in conjunction with the contractor, once they are onboard. So, there are these different elements, and we always try and stay flexible on principle – if there is something that needs to be done, we do it.
As mentioned earlier, during the design phases there are always a lot of changes. However, from the security side, once we have implemented our design from the schematic stage, we are more or less straight. However, as things change architecturally, we have to be flexible and move. Our intention is not to force anybody to do anything; we want to work with people and try and get our requirements in, even if we have to make adjustments. We don’t like to see big changes and we don’t wish to incur too big a cost change for the clients.
How do you maintain standards as budgets come under pressure and clients push for lower spend?
We have a minimum standard and we endeavour not to go below that standard; however, sometimes people don’t like it when we try and maintain that level. What we see in the market is that it is very competitive, and everything is extremely price-sensitive, and not just for us. It’s for all the consultants, the clients, the contractors and everyone involved in the building.
So what’s happening now is that the cost of doing something at minimum standard has gone down because everyone is getting squeezed. The main thing is even though you’re getting squeezed, you need to provide value, especially as a consultant. To provide value to the client, you have to show that you are advising them properly and giving something back to them. Everybody has to try and maintain their good order and requirements.
Players in the construction sector are looking at technology to help them build and deliver projects. BIM is a big part of that – what are your capabilities in that regard?
We expect to work with BIM on all of our projects, but so far we’ve only had two projects where we have actually been asked to use it. We are quite far down the chain, so what can happen is, assuming the main architect is doing BIM, he will send us CAD drawings and if we see everything in CAD, we provide back everything in CAD. However, assuming they say, “Look, you need to provide in BIM,” then we provide everything back in BIM. We have no problem with that.
With regard to the construction phase, we’ve noticed that the main software tool that people use is Aconex for project tracking. We have a couple of projects with that and we are using all the tools we can. We don’t like to be the people saying, “You know what, we can’t do that.”
So we’ve trained all our CAD teams to use BIM, and part of the problem was we trained them two years ago, and for a year and a half they had no use for it. We probably trained them too soon. So basically we had the training, but all our projects were with CAD, and when we actually started on BIM, we had a big learning curve. We are past that now, since we’ve had a couple of projects.
For security, you need to create those objects like cameras and servers, so we can place them in the BIM model. You can do it an easy way or you can do it the harder way. You can always go to a supplier’s website, get the BIM objects and you can add it into the model. However, we don’t do that because people then see the measurements of the specific models, and we don’t like to be pushing somebody down the road where we have chosen the manufacturer and they are forced into it. So we are creating our own BIM objects so that they are independent of the manufacturers. It’s a longer way to do it, but we now have those objects set up and we can implement quicker.
What would you like to see happen in terms of specifications that are missing now, or something that should be implemented in line with what’s happening globally?
A new law was put into effect in January end, and that has some new requirements. I think that what most builders face is a monetary issue. Sometimes the reasoning and care that is behind releasing legislation and specifications is not understood. This can take ages, and people don’t want to understand the pressures that are involved.
From a security point of view, we are trying to understand the client’s requirements while maintaining a certain standard. I think the main thing is transparency. Often, what happens is we do a design and people will come to us and say, “Why did you do this?” And we have to give them the transparency and say, “Look, this is what happened from day one.” Sometimes a project takes two years to design, and you may lose the reason behind why you did something. People also forget or leave, and things change, and when you get to a certain point, it’s like – why is this happening? I think better transparency across of all these is better, with authorities, engineers, etc.
SIRA is setting up an association for security that includes all the companies in that space. I think it’s great, because people from the security sphere can get together and everyone can speak to the authorities, and they can respond, and everyone can help each other. It’s important because that lack of coordination and transparency between the client and architect results in people not understanding why certain things are happening.