David Ward of Ward Security looks at a growing challenge for the security industry in a world increasingly fixated on online security
Traditional security is becoming less visible, but not in a way we should be celebrating. Due to the growth of cybercrime and the media noise that surrounds high profile attacks and hacks, the word ‘security’ is becoming dominated by cybersecurity. You can understand why. A well targeted hack on a large organisation can be phenomenally devastating and is certainly more newsworthy than the average burglary or incidence of vandalism.
You can see this process by simply running a Google search for ‘security’, especially a news search. As you would expect, the results are dominated by major terrorist incidents around the globe, with cybercrime not far behind. The refocussing of the word ‘security’ can also be gauged by the number of magazines and websites that are dedicated to online crime and prevention.
It is unrealistic to expect that typical physical security, and indeed cybersecurity, should demand the same level of profile as issues such as international terrorism, but surely there needs to be some sort of rebalancing of traditional physical security and cybersecurity?
Does it really matter? Yes it does. As an industry, the problem we face is one whereby organisations undervalue the importance of real world physical security. Budgets spent on security are likely to reflect this. And with corporate cybersecurity incredibly expensive, there will be too much of a temptation for finance departments to rob Peter to pay Paul, with traditional security scaled back to allow budgets to be used on firewalls and the like.
The other issue is credibility and trust. One of the ongoing challenges of our industry is to ensure that clients who commission physical security services listen to our advice and value our experience. We are the experts and we have spent years evolving our offer to incorporate new technologies, collaborative systems and new ways of working that together deliver a better and more efficient service. But as our profile and voice become overpowered, we maybe aren’t being given our due respect.
Again, this is perhaps understandable. The high tech nature of cybersecurity makes it difficult, if not impossible for clients to do anything except listen to the advice of the experts delivering the service.
So what is the solution? How can the traditional security industry protect its reputation and ensure it is not devalued against cybersecurity, especially when it comes to clients and their budgets?
Visibility is the key. As an industry we need to become more vocal and opinionated. A truly effective corporate security stance must include adequate physical security. Simply having a robust cyber defence posture is not good enough if a criminal can easily gain physical access to your property and steal valuable equipment and data, while senior management are in the board room listening to how well the firewall has performed.
We need to ensure our customers understand this reality and don’t devalue the importance of physical security. Simply carrying on regardless is not an option. It does not benefit security suppliers, and it certainly does not benefit the client who, through an over-fixation with cybersecurity will find themselves increasingly physically vulnerable. It is not an easy challenge as we don’t have the media headlines to restate the threat to the marketplace. We are going to have to do this ourselves.