As AI-powered security threats increasingly chain digital and physical attack stages, organizations need integrated incident detection and response capability. But physical and cybersecurity operations remain separate within many businesses—hampering their ability to protect sensitive data and other assets.

This article covers common challenges with security convergence, along with proven steps to address them. 

Key takeaways

• Drivers for converged security include AI-powered converged attacks, new security tools, regulatory/stakeholder demands, and cost efficiencies. 
• Benefits of converged security include better threat detection and incident response, improved security performance, simplified compliance, reduced business risk, lower overall security costs, and competitive advantage.
• Major challenges with security convergence include siloed tools and data, skill/resource gaps, resistance to change, and budget constraints. 
• Successfully merging physical and cybersecurity benefits from a strategic focus on technology integration, creating unified policies, and developing joint detection/response protocols. 

What are the major drivers for converged security?

Even for companies operating with siloed security stacks today, convergence has become a foundational necessity for efficient, effective security and regulatory compliance. While converged security can offer a competitive edge, the bottom-line driver is an urgent requirement to address rapidly advancing risk from converged cyber/physical attacks that could threaten business continuity or even survival.

Top factors contributing to the security convergence imperative include:

• New and emerging security technology.
  Connecting IoT devices like smart cameras, access card readers, and biometric controls to your security architecture increases your attack surface and the need for unified security oversight. AI-enabled security services like surveillance systems, behavioral analytics, and incident detection also call for centralized oversight to cover vulnerabilities and gaps.  
• AI-powered converged threats.
  Sophisticated, AI-enabled combined attacks that simultaneously probe physical and digital vulnerabilities are quickly becoming the new normal. For example, a common blended threat involves compromising a physical security boundary to install malicious IoT devices. Converged security architecture is central to stopping this growing class of autonomous threats.
• Regulatory guidance and stakeholder demands.
  Widely applicable regulations and standards like HIPAA, GDPR, ISO 27001, and the NIST Cybersecurity Framework (NIST CSF) all mandate holistic security governance and unified risk management to ensure program effectiveness. Customers, investors, boards, and other stakeholders are also more likely to demand robust, converged security as a prerequisite for doing business and as table stakes to protect sensitive data in the evolving threat landscape. 
• Cost savings and operational efficiency.
  Keeping physical and cybersecurity teams separate while technology blends around them often leads to redundant controls, overlapping processes, and communication roadblocks that increase costs and reduce effectiveness. Converging security teams helps reduce IT complexity, cut total costs, and improve insights, decision-making, and control/command center effectiveness. 

What are key benefits for converged security?

Businesses that successfully merge their security programs gain multiple benefits, such as:

• Improved threat detection through deeper, more comprehensive visibility into events, anomalies, manifesting threats.
• Faster, more effective incident response across all classes of digital, physical, and converged threats.
• Enhanced ability to protect people, premises, sensitive data, and other assets through improved security control operation and fewer vulnerabilities.
• Streamlined regulatory compliance thanks to combined security functions.
• Reduced financial and reputational risk leading to cost savings by avoiding data breaches and other security incidents.
• Cost savings and reduced operational overhead by simplifying security workflows, removing duplication of effort, and converging security tasks.
• Competitive advantage by demonstrating a commitment to robust security and mature governance and risk management processes.

What are common challenges with merging physical and cybersecurity?

Cybersecurity and physical security teams have long operated as separate units with little collaboration. Cybersecurity teams have IT backgrounds and handle digital controls like hardware firewalls, intrusion detection systems, and cyber incident response. Physical security teams often have criminal justice backgrounds and handle surveillance, physical access to facilities, and on-site incident response. 

While the benefits of converged security are compelling, organizations face a range of challenges to make this happen. The most prevalent issues across industries include:

• Lack of integrated security tools.
  Many businesses have built their physical and cybersecurity architectures incrementally and separately as technology, threats, and requirements have evolved. These investments often include various point solutions that function in isolation from other tools. Tool isolation makes it difficult to analyze data holistically to gain a clear picture of today’s AI-powered converged threats. 
• Skill/resource gaps.
  As more physical security controls rely on IoT devices that run on IT networks, storage, and other services, IT teams increasingly look out for both physical and digital security assets—putting more stress on overworked teams. The result can be greater IT complexity, process inefficiencies, manual data analysis, and problems building a comprehensive view for management.
• Resistance to change.
  Converging security forces change across different departments, processes, and business cultures. It can be difficult for teams to collectively envision new models, plan in new ways, and build new connections across longstanding divides. It can also be distressing for staff to consider altering and potentially destabilizing important workflows. 
• Lack of budget.
  Security investments are often a reaction to a major incident rather than a proactive risk mitigation move. Management may also balk at convergence costs and risks because of doubts about return on investment (ROI) and time to benefit. While successful security convergence should ultimately save money, the cost of transitioning can seem onerous in the face of competing priorities when budgets are already lean. Siloed physical and digital security programs may compete for funding, increasing the tension around investing in convergence.  

How to overcome security convergence challenges?

As threat actors launch more converged attacks, companies need to act now to unify security operations and invest in technology support for converged incident detection and response. Delaying the process only increases risks and costs.

Merging physical and cybersecurity programs into a collaborative effort starts with a comprehensive strategy that focuses on integrating tools, establishing cross-functional policies, and developing joint protocols for both surveillance/detection and incident response activities.

Steps that many successful organizations take to support converged security include:

• Audit your current security ecosystem to identify gaps and redundancies.
• Develop shared performance metrics to support joint analysis and response.
• Invest in a modern, AI-enabled platform approach to gathering, analyzing, and acting on converged security data within a common dashboard. This often includes linking video surveillance, identity & access management, and intrusion detection capabilities. Leveraging open standards and proven integrations and APIs across current investments can reduce time, effort, and costs.
• Ensure that every access request, both digital and physical, is verified per zero trust guidelines.
• Educate management on the ROI, cost savings, and other business benefits of converged security investments. 
• Identify “quick wins” for a pilot program or proof of concept project to demonstrate value and move the convergence needle.
• Connect with a trusted partner for strategic advice and on-demand expertise to create and implement a unified security roadmap within your budget and timeline.

What’s next?

For more guidance on this topic, listen to Episode 159 of The Virtual CISO Podcast with guest Jeffrey Friedman, CEO at Fortifye.