Cybersecurity, Emerging Issues in Security

Ongoing Progress in the Convergence of Information and Physical Security

Physical security and logical information networks within organizations have traditionally been completely separate, but a new form of cybersecurity and physical security convergence has started to emerge over the past few years. Has the convergence movement taken hold as a corporate culture?

johnason / iStock / Getty Images Plus / Getty Images

Taking into consideration today’s elevated threat environment, new measures to ensure convergence between physical and cybersecurity are becoming necessary. The growing functionality and deployment of integrated electronic security devices that are capable of interoperating with various other systems such as building automation is on the rise; and along with that is the need to protect these systems from cyberthreats.

Converged security solutions can bring better protection for sensitive data, enhanced risk reduction, and compliance assistance. Convergence allows organizations to manage security under a single umbrella to protect the actual physical facility as well as to prevent hackers from gaining access to the network where vital corporate information and data reside. Bridging the gap between cybersecurity and physical security by using the same infrastructure for electronic security systems and information systems can provide real benefits and save money.

From a hardware perspective, the two technologies are already codependent. The modern design of IP networks and the virtues of what IP network electronic technology offers depends on a quality IT network infrastructure. Today’s electronic security systems are generally computer-based with system components also linked to a computer. These systems can often be upgraded, networked, or integrated with other computer-based systems for information processing and greater intelligence.

Yet, for all the good physical network electronic technology security systems bring, like real-time alerts, reporting and authentication; on the flip side, these devices are vulnerable and can be dangerous if accessed by the wrong people. The systems themselves are subject to threats and cyberattacks.

Solutions exist to address the rising demand for cyber-hardened electronic products and systems incorporating capabilities such as encryption and other security processes, which can be implemented immediately for data protection. The question remains, how well are IT and Security departments doing at employing integrated approaches that combine compliance, privacy and data protection, physical security, and identity management?

Network and data security systems are typically the domain of the IT department. Information Technology (IT) refers to the electronic transmission, processing, and communication of data, audio, or visual information. Protecting these information assets is one of the main tasks of IT.

Physical security system requirements are typically tasked to the corporate security department to protect physical assets through electronic access control, surveillance, fire, security alarm and emergency communication systems, and monitoring. Much has been said about the poor relationship between physical security and information security management.

Instead of each department developing separately, as in the past, their roles today have to evolve. Bringing teams together benefits everyone. True leaders in information and physical security know how to create relationships with each other for developing more efficient strategies in securing both the company and the data.

The importance of the unification of information security policies and physical security policies cannot be overlooked. With all of the benefits that converged, security solutions can bring an organization—better protection for sensitive corporate information, employee, and customer data; improved cost savings; enhanced risk reduction and better compliance—convergence needs to be a top priority.