The survey found that 24% of respondents had experienced some form of convergence in these areas, while a further 7% intended to deal with the issue over the next 24 months.
Both IT and physical security departments understand the concepts of threat and risk mitigation, the importance of being able to respond effectively to an incident, and the economies of scale that may be achieved through integration technology initiatives. But there are many unresolved questions around the issue of successful organisational transformation.
According to the survey, only 12% of respondents have an individual who is both the corporate security officer and the chief information security officer. And of the organisations that have separate individuals in each position, 25% of them have a reporting structure that sees both individuals reporting to the same executive. Other potential barriers to convergence include issues such as competencies, whereby physical security employees are viewed as either highly specialised or as not having the same level of education, training and continual education typically found on the IT side. The result is that there are major differences between the groups in areas such as levels of pay.
The survey’s authors conclude from this that physical and IT security convergence is still at the infancy stage of development. But organisations are beginning to, or are planning to adopt or pilot in the next 18 months, technologies such as smart cards (16%), biometrics (21%) and tokens (10%) , and to integrate them with plans for corporate security.