Layered Security

Real, virtual worlds share same concerns

Cybersecurity and physical security traditionally are separate practices at most organizations. Physical security concerns have been around a lot longer than computing and networking, and the two have been characterized by separate concerns, goals and even languages.

The growing interconnection of the two worlds could be bringing this distinction to an end. Physical security controls are increasingly networked, and networks depend on physical security for their protection. Merging the two shops can bring advantages of scale to both, said Scott Borg, director of the U.S. Cyber Consequences Unit, a government-funded independent research group. But merger is not without its pitfalls, he warns.

The obvious advantages are improvements in efficiency and economy as planning and response are consolidated under a single department. Risk analysis and budgeting can be brought under a single head and handled by a single staff.

Disaster recovery and continuity of operations need to address both physical and IT problems. A disruption on one side can affect the plans for the other side, and having a single team facilitates this.

There are several potential pitfalls.

n Senior management does not understand both sides of this equation. A merger will require a change in the way they are managed.

If done properly, improved management and better reporting could create the impression that security is worsening as more problems are detected. It is like the early days of firewalls: No one had a security problem until the firewall was plugged in.

Although convergence should produce overall savings, ancillary costs of merging operations could make it appear more expensive. Document the savings and cost avoidance that have been achieved.

Physical and IT shops have different cultures and may not work and play well together. Basic training will be needed on both sides.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected