What is Security Technology Convergence?

Sept. 29, 2009

For most industries, convergence is the incorporation of information technology into products and systems. To actually reap the full benefits of convergence, we have to consider its full spectrum. The following answers came from speakers and attendees at recent security conferences. My comments appear after them in italics.

Q: What is security technology convergence?

“It’s putting security devices and systems onto the corporate network.” If we don’t have networked applications to go along with this, then the only benefit that we get is the cost savings from sharing a common communications infrastructure (the network).We won’t see operational benefits.

“It means replacing analog devices and systems with digital devices.” That’s true from an installer’s perspective. But a bad digital video camera can give you worse results than a good analog camera. Knowledge about the operational capabilities of digital devices and systems is critical to getting the new benefits they offer. Application knowledge — how we can put the technology to work for security purposes — goes beyond digital or analog issues. Because convergence involves computer technology (i.e. digital technology), there is a strong focus on the technical aspects; however, what is more important is how our security business processes and operations can be improved using new technology. If we don’t improve that, what use is the new technology?

“Until open standards and compatibility are fully adopted in the security industry, we won’t have true convergence.” In the IT domain, voice, video and data converge to travel over a single wire using common protocols at various points. But proprietary technologies (along with their advantages and disadvantages) are a part of most products and systems. Generally speaking, our risk treatment plans are not up to speed with the technology of today, let alone of tomorrow, because they don’t take into account applications that we can use today to reduce security risks.

Thinking About Technology Convergence

The recent Apple commercial for its iPhone 3G product provides the right perspective: “There’s an app for that.” App, of course, being short for a software application. The iPhone is a computerized phone that can connect directly with computers as well as with the Internet and systems that run on the Internet. Apple calls its new phone “revolutionary.” That seems to fit. Seven months after the iPhone was introduced, Apple’s App Store had more than 15,000 applications available for purchase and download, supporting Apple’s contention that “There’s an app for just about anything.”

If the capabilities of a telephone are “revolutionary,” what would you call the possibilities of a networked security technology infrastructure, in which mobile devices like the iPhone are just small parts, and for which technology keeps advancing at an ever-accelerating rate? I’d say they are practically limitless, in the long run.

From a technical perspective, security technology convergence is the arrival into computer systems of information technology. And information technology (IT) continues to develop even as you read this column. But from the security practitioner’s perspective, convergence is the vision of what we can do with all of the IT-enabled devices and systems that we can now install, connect to and interoperate with.

How do you want to prevent, deter, detect, delay, assess, respond and recover relating to the threats that your organization faces? Chances are good that there’s an application for that. And if there isn’t one now, and you start asking for it, there will be before long.

New Question:

What books have helped improve your understanding of convergence?

If you have experience that relates to this question, or have other convergence experience you want to share, e-mail your answer to me at [email protected] or call me at 949-831-6788. If you have a question you would like answered, I’d like to see it. We don’t need to reveal your name or company name in the column. I look forward to hearing from you!

Ray Bernard, PSP, CHS-III is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities. Mr. Bernard has also provided pivotal strategic and technical advice in the security and building automation industries for more than 18 years. He is founder and publisher of The Security Minute 60-second newsletter (www.TheSecurityMinute.com). For more information about Ray Bernard and RBCS go to www.go-rbcs.com or call 949-831-6788.