Converging security roles
For many years, security disciplines and specialisms have had clear lines of separation: these lines have been defined by a variety of factors, including skillsets and the requirements of the business.
As businesses take advantage of technological opportunities, those lines have become blurred and the requirement for a wider range of skills has become apparent. The term convergence in security is often used to describe the merging of two or more security disciplines and specialisms. Whilst this is not new in the security industry, the focus has changed in recent times with the introduction of new legislation, standards and frameworks.
The convergence of Physical Security and Information Security has been increasing steadily over the last ten years. A good example of Physical Security and Information Security convergence is being able to look at live CCTV footage securely and legally on a smart device whilst being able to also monitor in the control room.
With the explosion of trends such as the Internet of Things (IoT), it has led to the acceleration of focus on convergence. More and more businesses are also making changes to their business model; manual and physical processes are now being replaced with digital experiences. For instance, in the UK you can now tax your car and never have to physically display a tax disc.
Convergence of Information Technology and Operational Technology
Whilst the majority of our fellow security professionals focus on Information Technology, the Operational Technology aspect of security is an area that is not often discussed in information security forums. With the introduction of the directive on security of Network and Information Systems (NIS Directive), there is a lot more focus on convergence between IT and OT and an increasing emphasis on Cyber.
Whilst the principles and foundations of security between IT and OT may be common, i.e. protecting the data and assets, at the practitioner level there is some divergence in that the types of controls and audit regimes differ.
Convergence of Security Profession and Skills
With security having many areas of specialism, it has become more important for our fellow security professionals to gain a foundational understanding of a broader spectrum of knowledge. A key benefit of this would lead to security professionals gaining a better understanding of the whole security eco- system whilst maintaining their main area of specialism. There is a misconception in many places that a security professional must be an expert in all aspects of security disciplines and specialisms. However, the reality is that a good security professional will have knowledge of security ‘an inch deep but a mile wide’ and will choose to specialise in one or more areas, thus increasing their depth of knowledge in the same.
There are many free training courses available online which will enhance a security professional’s knowledge and coupled with a good mentoring programme, it will allow for professional development, convergence of skills and could potentially lead to career progression.
The Security Institute has established the Cyber and Convergence Specialist Interest Group to support members in making strides in security and to increase the awareness.
If you are interested in future events or the mentoring programme, please do get in touch with the Security Institute.
Mahbubul Islam, Director, Security Institute