ASIS Session Examines Strategies to Integrate Physical and Cyber Security
Despite the difference, there are some good strategies to help integrate the worlds of physical and cyber security. That’s according to Doug Powell, from Canada’s BC Hydro, who discussed the topic during an education session on Tuesday at ASIS in Philadelphia.
To start, Powell first said that risk management is the key to any security program’s success, whether it is cyber or physical.
Powell mainly looked at a whitepaper authored by the ASIS Utilities Security Council that delved into the topic. But he said many of the suggestions are universal.
Interestingly, he stressed that security can’t live on two different platforms and it has to come together in some way. To do that he suggested security expertise, risk management and security leadership must be integrated between physical and IT.
Some of the factors influencing security integration include enterprise risk management, critical infrastructure protection, technology advances and industrial control systems
But on the down side, cultural challenges do exist like the aging workforce and baby boomer’s IT experience.
To end, Powell examined four ways to improve the relationship between the two entities -- policy integration, embracing the differences between the tasks, but embracing the similarities as well. And finally, both groups should have co-education sessions.