Doing More With Less – How Security Convergence Creates New Value
The chief security officer for an US-based Fortune 100 manufacturing company explained the benefits he has unlocked. His security budget does not grow much from one year to the next. As a result he cannot simply identify a money-saving high-ROI project and deploy it. One of the first programs he put in place didn’t cost any money but yielded great dividends.
He invited the corporate security, IT security, and compliance management teams to collaborate when setting or modifying security policies. Each group had periodic meetings to review security policies and agree on language for new policies. The meetings sometimes included representatives for business units affected by the change. When the security groups began collaborating on policies, they discovered that they all had concerns about strong authentication in common Together, they discovered that a single card could serve as ID badge, door access card, and network smart card.
duplicating efforts and technologies around cards, badges, readers, and
network authentication meant immediate and obvious savings into the
hundreds of thousands of dollars. From a few new policies, a successful task force was born. Now the risk management steering committee, comprised of members from many different areas in the company, makes recommendations and divides responsibility for all operational risk management. Less overlapping effort equals more time and money for new projects, better security, and faster response.
the CSO benefits from the coordinated efforts of multiple security and
risk management groups, producing integrated security policy
management, a shared internal website for security information, a
common security awareness program, integrated security incident
management, and combined reporting. His
operation works better, smarter and cheaper, giving him more personnel
talent, time and money to deploy high value technologies like event
management workflow software, digital video systems, and identity
Software, computers and networking are sweeping across the physical security industry. Not
only are manufacturers incorporating these information technologies,
but corporate security executives are also discovering more efficient
and effective ways of running a security operation with better
policies, processes, and tools inspired by information technology.
Using a combination of better technologies and shared information,
security executives tap into new value.