IT and physical access security teams “must collaborate” to protect against growing cyber threats

Addressing the growing cyber threat landscape, HID Global – the trusted identity solutions specialist – has stated the company’s belief that it’s “increasingly important” for physical and IT security teams to work together in order to develop a comprehensive strategy for combating both physical and cyber security threats. 

As more and more devices are designed to connect and share information, so it follows that the physical security team needs to incorporate the IT team in its proposal, design and implementation discussions and decisions.

Security cameras, for example, fall under the domain of the physical security team, but now that the Internet of Things (IoT) is connecting these cameras with other devices that traditionally might not have been under the remit of the physical security team, collaboration is essential.

Having devices like cameras connected to other systems and networks can deliver significant value by turning data into actionable information, but with that companies do open themselves up to broader public exposure and risk.

“Collaboration isn’t a one-way street,” said Chip Epps, vice-president of product marketing solutions for IAM solutions at HID Global. “If the IT team hasn’t included the physical security team in its cyber assessments and incident response processes, the business suffers. Every member of the physical security team should know what and where the critical technology resources are and have been deeply involved in the planning to protect those assets.”

According to HID Global, the key factors to consider when shaping a collaborative strategy between the physical and IT security teams are as follows:

*do the physical and IT security teams ultimately report in to the same organisation or Chief Security Officer?

*has the IT team implemented more advanced security policies that incorporate location attributes or information often available from physical access systems?

*is there a regular, recurring forum to discuss and approve projects that cross the line between the teams?

*are team members participating in any cross-functional projects with members from the IT or physical security team?

*has either team been surprised in the last year in terms of the development of a project about which they feel they should have been consulted?

*is there collaboration on corporate compliance training or is there a separate curriculum/content?

“As cyber security concerns escalate, it’s important to remain ahead of the inevitable convergence between IT and physical access,” concluded Epps. “The first step involved is establishing a communications channel and developing the relationships and processes to make it work.”

By ensuring teamwork between the physical and IT security teams, the overall security of a given site is enhanced, in turn leading to both customer and employee satisfaction.

About the Author

Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications)

Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting.

In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector.

In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute’s George van Schalkwyk Award.

An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award.

Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site.

Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media.

Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014.

Related Posts