The intricate interrelationship between physical, IT, and cybersecurity is sometimes hard to differentiate. As convergence brings physical security and logical information network processes together, the lines are becoming even more blurred in regard to what role security personnel plays in an organization.
When you tell someone you are in the security business are you met with a puzzling look? People act like they know exactly what you do but their response is often completely off base. Your job description as a security professional definitely takes some explaining, and these days it is becoming even more difficult.
The traditional physical security professional is known as the person who is responsible for securing physical locations with intrusion systems, locks, card and biometric access control systems, intercoms, fire protection, and video surveillance systems. You install devices like cameras, alarm systems with detection sensors, smoke detectors, and other electronic equipment.
The transition to IP-based technology is changing the role of the traditional physical systems professional in today’s electronic security industry. Now physical security is requiring a larger skill set to include protection of hardware, software, data, personnel, and networks against damage or loss against not only fire, theft, and intrusion; active shooter, cybercrime, terrorism, and natural disasters are being added to the list of security requirements.
IP-based technology requires network planning in the design stage and over the last 10 years or more, the upgrade to IP physical security was often put in the hands of the chief technology officers or IT integrators who had recently joined the corporate ranks. In addition to IT integrators networking knowledge, you bring different operating models to an organization based on risk analysis, vulnerability assessment, defined client security policies, etc.; and business models based on lower equipment costs but higher service costs.
The trials, tribulations, and lack of cooperation between physical security and IT that have existed are well documented; however, the stigma is starting to diminish. As traditional security systems integrators are being forced to become network savvy, companies no longer consider the two groups separate departments. With the convergence of physical and IT systems, organizations are beginning to bring together IT and physical security into one completely streamlined operation.
Technology and computer environments now contribute to more compromises in security. A new level of teamwork is emerging to address these breaches. The objective is to maintain a strong community of leadership, insight, and direction related to efficiently delivering the technologies and infrastructure for best-in-class security.
Today’s security posture is focused on holistic, organized, and mature ways to mitigate risks or causalities. The team, led by results-oriented leaders, is responsible for the challenging ability to identify risks associated within physical locations, technologies, processes, operations, and services.
Each company has its own security issues based on factors, such as size, industry, compliance requirements, data, infrastructure, and assets. Now it is one team that, through critical thinking and analytical skills, identifies and prioritizes where, when, and how to improve security and handle incident response in an organization. The results can be great, but you still may have a hard time explaining to others outside security what it is you do.