he Alliance for Enterprise Security Risk Management (AESRM) has released a report titled “Convergent Security Risks in Physical Security Systems and IT Infrastructures” that maintains the line between physical and cyber threats is getting more blurry to the point of near nonexistence.
Therefore, the organization — which includes ASIS International, Information Systems Audit and Control Association (ISACA) and the Information Systems Security Association (ISSA) — recommends professionals in these two spheres blend their operations and strategies where possible to minimize and manage risks.
“The Alliance for Enterprise Security and Risk Management is focusing on converging the traditional and cyber security functions in organizations as it relates to risk in the enterprise,” said Ray O’Hara, chair of AESRM and Vance International senior vice president of security consultancy. “As part of that, it’s very clear to the three organizations that represent the alliance that a lot of people who are involved with the risk function in enterprises need to talk to each other.”
The impetus behind this shift has been the transition of traditional assets into virtual assets, O’Hara said.
“In the old days, if you had an access-control card, you could get in at the door where you worked and that was it,” he said. “In some cases now, that access-control card runs across the network and allows access to not only your office in San Jose but also the one in Shanghai. As those devices transition to the corporate network, there needs to…
Please log in or subscribe to read this article