Since the early 2000’s, pioneers of the enterprise security risk management mindset, referred to as security convergence, have been advocating for a more holistic view in evaluating, managing and communicating security risk management’s evolving mindset and approach.
In this digital age, where more and more businesses seek competitive advantage from new and evolving technologies, risk managers must evolve their capabilities to better manage risk and breakdown functional silo’s.
Today, with the rapid emergence of the Internet of Things, and the billions of new internet connected devices at work and in the home, physical risks including human safety issues are rapidly expanding. These new devices used in manufacturing, printing, surveillance, aerial delivery, driving, etc., generally have limited or no built-in security, compounding the problems we still face with insecure traditional data networks.
Watches, cars, medical devices, refrigerators, door locks, hot tubs, manufacturing equipment and many more things can now connect to the internet to get updates, report their location, and communicate back and forth. They can do this, ostensibly, to create value for the user, and to the company who provides the device/service.
This open line between the user, their device, and the supplying company creates a more two-way relationship that can be customized and transactional; all that is required is for the user to share their permission for this relationship to begin.
A Holistic Approach Produces Better Results
While some still say that true convergence has still not fully taken hold, there is one immutable fact that has endured in the elapsed years, security programs that take a holistic approach to managing risk are more cost-effective, mitigate more risk, and provide greater clarity to management on risk posture and making risk tolerance decisions; further, companies with top-tier risk management program are more profitable.
The greatest change in the security industry hands down is the increase in opportunities for work in the cyber security arena. While a sizable percentage of cyber security roles do require a deep technical background, there are several roles that offer a fantastic opportunity for physical security practitioners to succeed with the right knowledge and training.
Cyber Security Roles That Offer a Fantastic Opportunity
These are just some examples:
- Security and Policy Compliance
- IT and Regulatory Compliance and Audit
- Business continuity, disaster recovery, and Crisis Management
- Security Awareness & Training
- Security Governance and Risk Management
- Identity and Access Management
- Security Business Liaison
Only two things are required: the right training and the courage to try.