Plan B The ARM-LP JournalPlan B became a regularly scheduled journal in May, 2018. Two-thirds of the articles published to this point deal with cybersecurity in one way or another, most especially the last four articles in June. It’s a fallacy to think that cybersecurity is different than physical security.

What Planet Do You Live On?

Cybersecurity is about people. The common segregation of security into “cyber” or “physical” is not useful. Jasvir Gill thinks that cybersecurity is from Mars and physical security is from Venus.

The founder and CEO of AlertEnterprise, Jasvir initially focussed his security practice on governance, risk and compliance (GRC). Loss Prevention Headquarters agrees entirely with this approach: GRC does not allow for “silos.” A silo, according to BusinessDictionary.Com (a new tab will open in your browser) is …

A mind-set present in some companies when certain departments or sectors do not wish to share information with others in the same company.

Reasons To Silo

There are a few good reasons to silo. Marketing may want to keep certain information proprietary before a launch, or even thereafter. Finance certainly wants to separate receivables from payables. Human Resources must protect the privacy of its employees.

None of this applies to us here.

Marketing, Finance and Human Resources are important to business operations — but are not themselves operations: they don’t make money, they support units that make money. Departments or sectors who do not wish to share information, continues Business Dictionary…

… reduce the efficiency of the overall operation, reduce morale, and may contribute to the demise of a productive company culture.

Life On Planet Earth

Gill thinks that corporate security is one planet. The silos of Mars and Venus, cybersecurity and physical security, must be pulled into Earth’s orbit. Far too many organisations segregate IT security from physical security.

Security professionals in the organisation need some of the same training, and as they acquire it they must be allowed to move forward. At some point what your security professionals know will diverge: some will have advanced skills useful to cybersecurity, some will have advanced skills useful to general life safety — and all will have advanced skills.

Gill’s expertise is in critical infrastructure, where the distintion between cybersecurity and physical is quite thin.

“Bad guys attack where they see the biggest gap,” he asserts. “They won’t wait until you are prepared.” He’s right, and smaller organisations must learn from him.