Security Technology Executive

JUL-AUG 2018

Issue link:

Contents of this Issue


Page 7 of 83

8 SECURIT Y TECHNOLOGY E XECUTIVE • July/August 2018 • www. CONVERGENCE Q&A By Ray Bernard P SP, CH S -III • Email: ConvergenceQA@go-rbc Our company is establishing an organizational resilience council as a corporate risk management function, and I was asked to report on the state of our security convergence. What exactly should I be reporting on? You should only be asked to report within the scope of your own responsibilities, which may include your collaborations with other functions. There are several aspects of security convergence to consider. Enterprise Security Management In the mid-2000's, the term "security convergence" was used to describe a convergence of the management of physical and IT security, or physical and logical security as it is also called. Soon security leaders realized that the converged perspective should be broader, and the term Enterprise Security Management came into use. This is a convergence of the top management perspec- tives that brings together security and other business functions to obtain a unified view of the organiza- tion's security risks. Risk categories can include, for example, Information, Information Systems, Person- nel, Legal, Finance, IT Infrastructure, Product, Brand, Business Continuity, Environmental, Supply Chain, and Physical Premises. Responsibilities for many security risks have often been delegated to specialized risk functions that implement and maintain risk control measures, such as corporate security, facility security and IT security. However, siloed risk management – without a con- verged or unified risk management perspective – leads to risk mitigation gaps and inefficiencies. Thus, over time, security can become both weaker and costlier than it should be. The first book on this topic, published in 2007, is titled, Physical and Logi- cal Security Convergence: Powered By Enterprise Security Management. A few months later a second book arrived Continued on page 16 C o n v e r g e n c e i s w h e n t w o t h i n g s t h a t a r e s e p a r a t e c o m e t o g e t h e r. Yo u c o u l d h a v e a c o n v e r g e n c e o f m u l t i p l e p e r s p e c t i v e s i n t o a u n i f i e d v i e w, a c o n v e r g e n c e o f w a t e r c u r r e n t s i n t o a s i n g l e o c e a n c u r r e n t , o r a c o n v e r g e n c e o f v e h i c l e t r a f f i c f r o m t w o l a n e s i n t o o n e . T h i s c o l u m n 's q u e s t i o n i s f r o m a s e c u r i t y m a n a g e r w h o n e e d s t o d e t e r m i n e t h e s c o p e o f s e c u r i t y c o n v e r g e n c e w i t h i n h i s r e s p o n s i b i l i t i e s . The Scope of Security Convergence titled, Security Convergence: Managing Enterprise Secu- rity Risk. This book includes both security manage- ment and security operations convergence. Security Technology Convergence Today, all industries have experienced their own ver- sions of technology convergence, which refers to the incorporation of information technology into their industry. For example, the automobile industry's first convergence conference was held in 1974, when solid state circuitry started becoming part of automobile systems. Today, of course, the result of automotive technology convergence includes a wide variety of autonomous and semi-autonomous vehicles. Den- tistry dropped the film-based X-ray technology over a decade ago, in favor of digital equipment that can cap- ture and display the dental images almost instantly. Security's technology convergence is the incorpora- tion of information technology into physical security systems, most of which are now IT-based and net- worked, with some residing in the cloud. This has resulted in corporate IT departments gaining respon- sibilities for the IT aspects of physical security sys- tems and collaborating on physical security system deployments. There are many points of security/IT collaboration involved, including on cybersecurity for physical security systems. See my own recent book titled, Security Technology Convergence Insights, available on Amazon (http://bit. ly/security-tech-convergence-insights) and elsewhere. Business Use of Physical Security Systems The use of physical security systems for business operations value has been growing for more than a decade – basically, once security systems started being networked. Today, there are cloud-based sys- tems that provide authorized users access to security system functions from anywhere at any time. One example of significant business value is the use of security video analytics for retail store operations. In this instance, video analytics are used to measure and map customer traffic in retail stores, with the data providing insights on the effect that marketing campaigns and store displays have on customer traf- fic and sales. Another example is the use of security video cameras to monitor critical business opera- tions, such as in food and pharmaceutical manu- facturing. Discovering the exact point in time where an unacceptable manufacturing line condition first occurred can avoid the needless discard of an entire Q: A: Ray Bernard PSP, CHS-III Ray Bernard Consulting Ser v ices (RBCS; w w w. go-rbcs; 9 4 9-83 1-6788), a firm that prov ides securit y consulting ser v ices for public and private facilities. Member of the Content E xpert Facult y of the Securit y E xecutive Council (w w w.Securit y- E Follow Ray on Twitter: @RayBernardRBCS

Articles in this issue

Links on this page

Archives of this issue

view archives of Security Technology Executive - JUL-AUG 2018