Convergence of Corporate and Information Security
Syed (Shawon) M. Rahman, Shannon E. Donahue
TL;DR
This paper discusses how organizations are integrating physical and information security to improve overall security management, highlighting challenges, strategies, and the lack of standardized best practices.
Contribution
It provides insights into the transition from traditional security management to converged security programs and offers guidance on establishing effective convergence.
Findings
Organizations face challenges in managing converged security.
Convergence can optimize security value for businesses.
There are no current standardized best practices for convergence.
Abstract
As physical and information security boundaries have become increasingly blurry many organizations are experiencing challenges with how to effectively and efficiently manage security within the corporate. There is no current standard or best practice offered by the security community regarding convergence; however many organizations such as the Alliance for Enterprise Security Risk Management (AESRM) offer some excellent suggestions for integrating a converged security program. This paper reports on how organizations have traditionally managed asset protection, why that is changing and how to establish convergence to optimize security value to the business within an enterprise.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInformation and Cyber Security · Cybercrime and Law Enforcement Studies · Supply Chain Resilience and Risk Management