Security Business

MAR 2014

Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.

Issue link:

Contents of this Issue


Page 115 of 117

114 | SD&I | March 2014 oday's physical security integrator is facing corporate security directors who are looking for advice to address cyber- security concerns. It is a formidable challenge. As they grapple with the complexity of the situation, many physical security pros have come to realize that the discipline of logical security and physical security may not merge naturally into a mutually beneficial relation- ship. The two areas of expertise are, in many ways, considered to be different animals in form and function. Little or no direct crossover in practice areas within the company culture cultivates communication and strategic dis- connect — which does nothing to encourage a collaborative effort for a security program; yet, the message endures from industry experts: To protect a company's assets, a cooperative effort must be established. To the integrator, the peril lies in the charge — move forward or risk being left behind; however, in the face of the unknown, some integrators choose to avoid the topic altogeth- er. To move forward on collaboration, educa- tion on both sides must be promoted; and the programs, devices and disciplines brought together to form a symbiotic relationship. Experts Weigh In In his IT security experience in high-risk environments like the Federal Reserve Bank and the Department of Homeland Security, Darnell Washington, CISSP, president and CEO of SecureXperts, observes a divide between IT and physical security. To him, it appeared as if the IT personnel had claimed authority over their physical security counterparts. In response, Washington's message to IT security teams aimed at addressing the physi- cal vulnerability of data centers. "If you cut a cable or systematically attacked an environ- ment where perpetrators go undetected from the perimeter or lack proper security controls, there is no predictable limit as to the potential consequences of an attack," Washington told the IT professionals. "If you cannot protect the physical environment of your information, you cannot protect the data." Lloyd Uliana, a Business Development Engineer with Bosch Security Systems who is currently working on a project with the DHS Federal Protective Service, adds that "IT staff often lack the vigilance to conduct security operations on a 24/7 basis, and have a miscon- ception that life safety and physical facility pro- tection strategies are not constantly changing like cybersecurity. Why do we have Information Security staffs if a thief or insider can enter a facility and walk out with data undetected?" Washington and Uliana agree that interoper- ability and compatibility issues plague physi- cal security systems connected to IT networks. It is extraordinarily complex to design a solu- tion when IP addressing, security, bandwidth, latency and system loads need to be calcu- lated in concert with IT requirements. Both insist that without the proper educa- tion on information security process and prac- tices, the integrator will struggle to address customer scenarios and concerns in this com- plex environment. They went on to outline three major challenges in the field — featured in the expanded online version of this column at It may be intimidating, but as the market con- tinues to evolve to network-based technologies, the integrator must be knowledgeable about emerging capabilities and must obtain training and real-world experience to effectively recom- mend the best-fit solution for their customer. ❚ Barbara Shaw, CPLP, is Director of Education at PSA Security Network. Learn more about cybersecurity and Physical Security at TEC 2014 presented by PSA May 5th-9th 2014 ( T INSIDER INTELLIGENCE By Barbara Shaw, CPLP Tug of War As standoffs emerge between IT and physical security departments, integrators are caught in the middle "It is extraordinarily complex to design a (physical security) solution when IP addressing, security, bandwidth, latency and system loads need to be calculated in concert with IT requirements." SDI_114-116_0314 Insider Intelligence.indd 114 3/5/14 1:49 PM

Articles in this issue

Links on this page

Archives of this issue

view archives of Security Business - MAR 2014