Bridging the gap between physical and IT security
With today's technology, would-be criminals need not be in the same city as the companies they’re targeting. They can worm through virtual security perimeters to pilfer company trade secrets or consumer data. Criminals’ ability to physically or virtually target companies worldwide has security professionals, like Hector Garcia, Ed.D., on high alert.
“There has never been a stronger demand for physical and information technology security professionals to partner together to devise security solutions that bridge the gap between the two disciplines,” says Garcia, a University of Phoenix College of Criminal Justice and Security instructor.
Garcia says security professionals must be able to recognize the commonalities of such security breaches and create a greater synergy between their respective skill sets and prevention strategies to combat criminals.
Garcia explains that physical security professionals frequently protect their clients using IT functions, including proximity cards, networked surveillance systems, remote door locks, mobile phones and other technological communications. Concurrently, IT security professionals’ responsibilities go beyond securing firewalls and delve into the physical security world via their need to develop security solutions to protect corporate laptops and other sensitive, tangible materials that unauthorized users might steal, he says.
“Their goals of preventing security breaches are the same,” says Garcia.
Converging the disciplines
Garcia acknowledges that converging the two disciplines, or eliminating the so-called gap, means moving security professionals into “unchartered territory.” Accordingly, Garcia believes this requires the two disciplines to reassess their respective skill sets because that is truly where the gap exists.
“There is a major gap in terms of the education, knowledge and practicalities of the other discipline,” says Garcia. “A strong strategy that can be utilized is the concept of cross-functional teams where they can bring in different stakeholders from the different disciplines and cross-train one another to … feed off each other’s strengths and attack their weaknesses.”
Physical and IT security professionals must become “acclimated to the goals, roles and responsibilities” associated with the other’s discipline starting in the classroom, says Garcia. Educators can engage physical security students in courses about basic IT network operations and IT security students in courses about physical security systems and procedures, he notes.
“By educating security professionals to understand each other’s missions and to be more interrelated,” Garcia says, “the disciplines can go from a tunnel-vision perspective to a holistic, organizational perspective for the betterment of the security profession.”