
Security Organizations

Thursday, February 12th, 2009

How does an organization build their security organization?

This is a question for the ages. I’ve been in the Law Enforcement and Security world for close to 20 years, and the fractured state of security still amazes me today. Most organizations are still living in the dark ages and have separate groups working physical security, IT security, and personal security. This is not a good business practice because everything used is not technology based and the same skills often roll out of IT into the other areas.

When was the last time we used an actual VCR for taping security cameras?

Most cameras today are fed to a computer with a huge hard drive for archiving and later review. What about the increased use of smart cards and biometrics? This information should be coordinated with the IT systems so organizations can correlate access controls with where things occur. It would make more sense to have the badging system, which feeds a traditional physical security system, monitored by the Operations Center as well, so we can monitor who is where and when. Organizations can also limit access to IT systems if their employees are not badged into the building. Tied into biometric systems, these systems would allow for better compliance with federal mandates and policies.
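As an added illustration (not part of the original post), here is one way a combined operations center could correlate badge records with logon records to spot on-site logons by people who are not badged into the building. The event layout, the `onsite`/`vpn` labels and all sample records are constructed assumptions, not the output of any real badging or directory product.

```python
from datetime import datetime

# Constructed sample data: (ISO timestamp, user, direction) from a badge system.
BADGE_EVENTS = [
    ("2009-02-12T08:01:00", "alice", "in"),
    ("2009-02-12T12:30:00", "alice", "out"),
    ("2009-02-12T08:15:00", "bob", "in"),
]
# Constructed sample data: (ISO timestamp, user, where the logon originated).
LOGON_EVENTS = [
    ("2009-02-12T08:05:00", "alice", "onsite"),  # badged in: expected
    ("2009-02-12T13:10:00", "alice", "onsite"),  # after badge-out: suspicious
    ("2009-02-12T09:00:00", "carol", "onsite"),  # never badged in: suspicious
    ("2009-02-12T22:00:00", "bob", "vpn"),       # remote logon: out of scope here
]

def _ts(value):
    return datetime.fromisoformat(value)

def inside_at(badge_events, user, when):
    """True if the user's latest badge event at or before `when` is 'in'."""
    inside = False  # no badge record at all means "not in the building"
    for ts, who, direction in sorted(badge_events):
        if who == user and _ts(ts) <= when:
            inside = direction == "in"
    return inside

def flag_logons_without_badge(badge_events, logon_events):
    """Return (timestamp, user) for on-site logons with no matching badge-in."""
    flagged = []
    for ts, user, origin in sorted(logon_events):
        if origin != "onsite":
            continue  # remote access needs its own policy, not a badge check
        if not inside_at(badge_events, user, _ts(ts)):
            flagged.append((ts, user))
    return flagged

if __name__ == "__main__":
    for ts, user in flag_logons_without_badge(BADGE_EVENTS, LOGON_EVENTS):
        print(f"{ts} on-site logon by {user} without an active badge-in")
```

The same check can gate access instead of only alerting, but a missed badge swipe (tailgating, a failed reader) will then lock out a legitimate employee, so the exception path needs an owner in the combined operations center.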

We should get out of the dark ages and work harder to combine security into one organization. There should be one Chief Security Officer who has direct reports from both the IT and the physical security teams. They should be consolidated into one Operations Analysis Center (OAC) with a combined Security and Network Operations Center. Then have appropriate desk officers for different areas of the business, whether it be geographical location or differing business practice. This OAC would monitor the networks for access control and provide metrics to the leadership on a regular basis to show access to data, not systems. Monitoring the system is only going to help protect the perimeter, but what about the data itself, for privacy breaches and malicious insider threats?

We can work to provide better solutions as a team rather than as fractured groups trying to slap each other to get ahead. Not a sermon…just my thoughts!