Shared Responsibility and Collaboration among Security Stakeholders Paramount

ASISimage001New threats and risks occur every day, calling for a change in mindset and a paradigm shift in how both enterprise organizations and government entities approach risk mitigation and security. How can security providers and integrators work together to achieve the same goals? How do all industry stakeholders work together to facilitate situational awareness?

During a Situational Awareness Roundtable Discussion hosted by Verint during the 2015 ASIS International Annual Seminar & Exhibits, industry thought leaders discussed what professionals in the security industry can do to work together to achieve situational awareness and overcome various threats on cities and infrastructures.

The panelists consisted of a well-rounded group with various backgrounds. Steve Lasky, Editorial Director, Security Technology Executive, provided thought-provoking questions to the panelists as the moderator. Panelists included Ray Coulombe, Founder and Managing Director, Security Specifiers; Kelly Wilson, Protective Security Advisor, U.S. Department of Homeland Security, San Diego District; Doug Smith, Senior Advisor, Chesapeake Crescent Initiative; and Tom Comerford, who oversees all cyber security efforts at the Port Authority of New York and New Jersey.

“Many tools exist to achieve full situational awareness. What we need are collaborators to share responsibility,” said Comerford. “We need to bring all of the stakeholders together in the beginning. Stakeholders are the key. Everybody has to step up to the table.” Additionally, sharing information and intelligence helps security practitioners enter into beneficial public/private partnerships that not only help protect, but also help organizations shift from being reactive to becoming proactive in a security approach.

While the panelists agreed that product developers and integrators are a major force multiplier in bringing together the worlds of IT and physical security, the panelists concurred that all parties must first understand the true vulnerabilities and risks organizations face before recommending and designing the ideal security technology solution.

“Integrators have to learn how to calm the fears of their customers,” Coulombe said. “But in my experience, not enough customers are concerned about data protection and cyber security. Also, many vendors haven’t incorporated protective layers into their products to prevent IT security breaches. We still have a ways to go.”

The growing value of Big Data, the Internet of Things and the growing number of online and mobile devices pose a benefit while also opening doors to emerging threats. “The cyber security element is a huge game-changer for businesses and public entities, as life safety and mission-critical systems cannot go offline,” Comerford said.

Wilson said she encourages anyone who is developing a security solution to evaluate the strength of the IT systems—as well as the physical security aspects—to build true business continuity. “You have to understand the cyber risk to your systems and services before you can truly build protection,” she said. “Surveys can be done to help assess these risks and vulnerabilities.”

Panelists agreed that the industry must work together to combat new threats—a multitude of voices and information is critical to address the threats organizations face on a daily basis. “Today, with critical infrastructure as it is, failure can have a cascade effect—one storm and everything goes down,” Smith said. “From a situational awareness perspective, we need to bring redundant systems into the critical infrastructure marketplace to address these possible risks.”

How do we get people to start thinking about disaster recovery and safeguarding information? “It’s all about bridging the gaps between the integrators, security and IT professionals,” Coulombe said. “We have to educate the customer to see those threats as one thing. That is the key that’s missing.”

Subscribe to Email Updates

Posts by Topic