Increasing numbers of organisations are combining their physical and logical security in a bid to improve efficiency and gain better ROI in risk management.
That's among key findings from a reseaarch around security convergence carried out by ASIS International Europe and the Information Security Awareness Forum (ISAF).
The research found that 35% of respondents had fully integrated their physical and logical access control using a single ID/card. A further 26% of security professionals indicated that they were developing the technology.
"Inasmuch as threats are converging from technological and operational standpoints, we need to make sure that corporate security organisations are not going to waste time and resources fighting each other," comments Alessandro Lega, who leads the ASIS security convergence sub-committee.
According to James Willison, vice chair of the same sub-committee, the aim of its research was to determine how many medium to large enterprises are either operating, or working towards, a converged security strategy.
Willison, founder of Unified Security (who co-authored the report with fellow IT security professionals Prof Paul Dorey, director of Security Faculty, and Sarb Sembhi, chair of ISACA), says that the results confirm that approaching two thirds (61%) of organisations are both streamlining and increasing the cost efficiencies of their physical and logical access security systems.
"This is excellent news, as it not only reduces their security risk profile, but also leads to cost efficiencies. And as the ROI on these efficiencies generates cost savings, so these savings can be re-invested into further security technologies," says Willison.
For him, the research confirms Security Faculty's view that IT security has now reached the level of maturity where it can handle the requirements of previously disparate security and financial controls.
"The fact that the same percentage of respondents also revealed that previously independent security disciplines now work together on security risks across the business is another reflection of growing maturity of the Information security industry," comments Dorey.