Risks due to convergence of physical security systems and information technology environments

The areas of physical security and information technology (IT) are often if not usually worlds apart. The same is true for physical security and IT security; in most organizations separate functions for physical security and IT security exist. Because these functions are in place and because they at least in part achieve their goals, management tends to perceive that major risks they try to mitigate are being addressed. Convergent security risks in physical security systems and information technology (IT) are, however, almost without exception overlooked. Physical security systems and devices, process control systems, and IT infrastructures are being integrated without sufficient consideration of the security risks that the increasing intermingling of these systems and infrastructures introduces. Serious security-related incidents due to unmitigated physical convergence risks are starting to occur. Adequately dealing with the convergence problem requires organizations to implement multiple solutions.