The Buzz About Security Convergence

Blog Date:  7/24/2016
Author:  Ray Coulombe

Here are five current trends blurring the lines between traditional security paths.

1. Technology convergence
Corporate security services such as video surveillance, access control, fraud detection,and access control are increasingly database-driven and network-delivered. In other words, physical security has become more IT-like. The use of biometrics for authentication is growing ever more popular as a means to control access throughout buildings and systems (think of the fingerprint needed to unlock your iPhone). Security services increasingly integrate with LDAP (Lightweight Directory Access Protocol), the application protocol used over an IP network to manage and access a distributed directory information service.

2. Vendor convergence
Not so long ago, infosec vendors protected networks and physical security vendors protected bricks and mortar. The two stayed separated. Today, many security companies address these and other high impact areas to provide higher situational awareness. Conversely, there’s a growing presence of IT and component vendors in security, including NVIDIA, Microsoft, and Google. And there’s more: Brink’s, the armored car company, offers managed network security services; Unisys has a consulting business in supply chain security; Computer Associates is mixing with smart-card vendors like HID in the Open Security Exchange consortium, developing a network-and-bulding-access standard called PhysBits. The list goes on and on. Look for vendors to continue to merge and meld their distinct product lines into highly integrated offerings. Further, companies including Verint, which has a cyber arm, and various biometric vendors have a foot in both worlds and have yet to fully leverage their positions.

3. Community convergence
The associations in the security industry rarely acknowledge each other’s existence. But, back in 2004-2005, CISSP promulgator (ISC)2 on the infosec side, CPP certifier ASIS International on the corporate security side, and IS audit association ISACA proclaimed their solidarity. Since then, everything has changed. The growing importance of CISO and CSO positions, whose sole focus is security, broadens the meaning of security even more. And, (ISC)2 is showing an increased presence in security industry events and now offers IT certifications in these venues. That said, industry leaders expect even more cooperation between these associations in the future.

4. Threat convergence
The pendulum has swung, where logical attacks may represent a greater risk factor to than enterprise than physical. For example, what’s a bigger threat to a bank? A threat from a bank robber or a cyber attack targeting accounts? However, insider attacks are still recognized as one of the chief attack vectors for evil doers and mischief makers, and tight integration of the physical and logical worlds, specifically in access control, is one means of addressing the threat. Also well documented is the vulnerability of many electronic security devices, such as certain IP cameras, that are targeted as potential weak entry points into company networks.

5. Educational convergence
A number of major universities have launched programs aimed at equipping students with a range of knowledge and skills in both corporate and information security. Cyber programs are sprouting to address the current 120,000 cyber-job shortfall in the US. There’s an increased emphasis on cyber security topics at all industry education events. (ISC)2 has increased its presence at security industry events and offers IT certifications there, including Certified Information Security Systems Professional (CISSP). CISSP includes logical, physical, electronic, and administrative components. All of this adds up to a more holistic, blended view of security.


Resource Blogs

Most Recent Blogs Listed for Ray Coulombe.


Stay Safe! While Traveling This Summer

It’s summer vacation time! The last thing you need to worry about it is getting your identity stolen while you’re sitting on a beach somewhere exotic. In 2016, more than 15 million Americans were victims of identity theft, up 16 percent from the previous year, according to Experian. Plus, about 33 percent of that fraud took place when people were traveling. Here’s a few tips to staying safe all summer while traveling...
read more -->


Rethinking Cabling

Cat 5e became an ANSI/TIA/EIA standard in 2001, Cat 6 in 2002, and Cat 6a in 2008. However, it may be extremely useful to consider taking advantage of other existing cabling infrastructure in lieu of running new. Read more to learn how to approach cabling.
read more -->


Off the Beaten Path at ISC West

This year at ISC (the International Security Conference and Exposition), I was determined to try to see the latest iStechnologies hiding in the nooks and crannies—literally! I visited booths in the back, the basement, small kiosks hidden inside larger vendor books, and throughout the Emerging Technology Zone.

In case you missed the show, I’ll round up some of the best new technologies and companies to keep an eye on. Read more.
read more -->


Cyber Crime Taking Down Cities

Earlier this year, in March, the City of Atlanta’s nearly 8,000 employees heard words they never thought they would hear: “It’s okay to turn your computers on.” Their computers were powered off for five days. In those five days Atlanta residents could not pay traffic tickets, water bills, or report city issues. Read how ransomware impacted this metropolitan area.
read more -->


A Few Thoughts on K-12 School Security

There is no one size fits all when it comes to K-12 school security. Schools vary in so many ways: size, age, local environment, affluence, culture, governance, and more. Read some helpful tips and resources that might just help your school be better prepared.
read more -->