With so much emphasis today being placed on the need for cost reduction(s) in organizations, the topic of evaluating, implementing and executing plans for potentially integrating elements of IT and physical security is often raised as a primary way to eliminate redundancies and lower expenses. However, we believe a strong element of caution is warranted before this step is taken.
If your organization is considering this option or if your company is too small to have separate departments (i.e. CSO vs CIO) handling physical security and IT security, then a recent article written by George Campbell and posted on the Computerworld website may be worth reading.
This article presents a logical reason for concern for anyone getting caught up in the convergence process for convergence sake and cost reduction motives only. Mr. Campbell clearly states that “…Convergence of bits of techie stuff is NOT converged corporate security!” And, he suggests that the convergence debate should seek an appropriate mix of IT services to support and not diminish the stated total corporate physical security functions goals and objectives.
Without such a level of sensitivity by IT to the needs of the total physical security system requirements, an organization can too easily ignore the needs of other elements in the total security family – i.e. background vetting, due diligence, incident investigation, fraud risk management and safety, compliance and crisis planning and management functions, etc.
In one of the examples stated in the article to stress his point, Mr. Campbell states his concerns that while the IT brethren sweat bullets fixing a cyber attack, all too often they can and do trash evidence critical to the incident investigation process necessary to perform a proper cyber investigation report as it may relate to and include physical security processes and procedures.
If your organization is in the middle of such a debate to converge or not to converge your IT security and physical security functions within your organization, then, we believe that this article is worth reading and adding to your library of reference materials and links on this topic.
CLICK HERE to read the entire article.