Picking Pathways to Digital/Physical Security Convergence

It has become increasingly obvious that converging digital and physical security makes strategic sense. But high stakes, organizational politics and FUD often conspire to obstruct this initiative. The path forward may be illuminated by practical projects that deliver short-term returns.

Digital and physical security organizations have many differences, from the type of leader in charge to the backgrounds of the staff to the types of value they provide. Despite these differences, there are many reasons to converge these organizations, as reported in Physical and IT Security Convergence: The Basics. This article lists key drivers for convergence along with specific cases from real companies like EDS, Wells Fargo and Rohm and Haas. But my immediate reaction to this article is to categorize the drivers so that they may be more helpful to an enterprise hunting for a more cogent argument to take this step. A simple 2×2 matrix helps distinguish the different types of drivers:

The more tangible drivers might actually help support a business case for security organization convergence. They will trigger direct cost savings, specific process improvements or both:

• employee provisioning/de-provisioning
• investigations
• SCADA
• dealing with camera phones and USB sticks
• business continuity

New employees require physical and information access rights; setting up these rights in coordination with HR’s (continue reading...)