Just when you thought the IT security plate was sufficiently full, here’s the next big thing to digest: security convergence.
Given the rising tide of internet crime and international terrorist activity, companies are beginning to think about how to bring together the separate strands of IT security and physical security. I’ve written before about the importance of taking a holistic approach to information security (including in my books about implementing information security management systems) and a very thorough article here at CSO Online reflects the experience of several major US organisations.
Of course, not every company has the scale or nature to require a Chief Security Officer on the board. However, it IS in the interests of every company to have a coherent approach to ensuring overall security and business continuity. Becoming ISO 27001-compliant is the starting point for any business serious about managing IT security risks, but there are undoubtedly lessons in this article for SMBs as well as multinationals.
Expect to hear a lot more about this topic in 2006.