10/15
  • Pages
  • Editions

The 3 Cs of Enterprise Security: Communicate, Coordinate and Collaborate

As technology continues to evolve and become more interconnected, the line between cyber and physical security is increasingly blurred. Organizations need integrated enterprise security teams consisting of cyber and physical security specialists, and senior facility managers will progressively take part in holistic risk management assessment processes and cohesive enterprise security strategies. In this section, we will explore the steps that facility managers can play to take part within enterprise-oriented security teams to protect assets better. These steps focus on the three Cs: communication, coordination and collaboration.

COMMUNICATION:

The first step toward achieving enterprise security is to initiate an ongoing dialogue between the cyber and physical security teams. It is essential to review the roles and responsibilities among and within each team and establish a joint team that includes representatives from both cyber and physical security teams. This convergence team should be responsible for information sharing between the two teams.

COORDINATION

Once the convergence team has been established, it is important to formalize their roles and responsibilities. The team should identify linked assets, such as critical infrastructure and data systems, and assess vulnerabilities to determine the baseline security posture. This will help the team identify areas of weakness that need improvement.

COLLABORATION:

The next step is to run the numbers and prioritize improvements based on the risk assessment. Facility managers should craft risk-driven policies that consider both cyber and physical threats. These policies should be aligned with the organization's overall strategic objectives to ensure that they support the organization's mission and vision. Ultimately, achieving convergence requires a collaborative effort between the cyber and physical security teams.

By working with other IT and OT specialists in a coordinated fashion, facility managers can better protect their assets and ensure their organizations are prepared to face modern-day threats.

The built environment has long been a target of cyberattacks that can disrupt operations and services. The timeline below summarizes a few of the major cyber incidents that have impacted the built environment over the past decade.

Figure: Example of cyber incidents affecting the built environment

DID YOU KNOW?