There is an old story about the tiger and the two friends that seemed to tie together the theme of the final 2005 SecureWorld Expo/Conference Series which just concluded in Dallas last week.
The story begins with two friends lost in a tiger-infested jungle. As the two are trying to get their bearing straight, they sit to rest on a log near a stream. One of the men goes over to fill his canteen and as he returns he notices that his friends has pulled a new pair of running shoes from his backpack and is diligently lacing them up.
Sitting down on the log, the man with the canteen looks at his friend with a wry smile and says, "You know, the fact that you are wearing sneakers certainly won't help you out run a tiger!"
His companion is quick with a retort. "I don't have to worry about outrunning the tiger," says the friend, "I just have to out run you!"
The tiger in the Dallas venue seemed to be technology. Almost every session at the SecureWorld Expo/Conference lamented the dangers of today’s security practitioners trying to stay one step ahead of the technology curve. In his keynote address, noted security consultant Michael Corby, CCP, CISSP, a senior director for Gartner Consulting, made a strong case for tying a security plan to the business philosophy of the enterprise and not the technology.
"As a security professional you need to talk business and focus on the business parameters that guide your organization. Your security tools will inevitably be more viable and it will be easier to sell your program as a benefit," said Corby. "If technology is your security foundation, you will always be stopping and starting your initiatives and doing nothing more than putting out fires. Security has to out live the individuals who conceive the initial plans and implement the strategy. Any good approach to security has to be absorbed into the corporate culture."
As the host of the security convergence seminar track, Security Technology & Design invited Leon Chlimper, vice president of security systems at Bosch, to address a session on enterprise systems. Chlimper was extremely candid about the current role of today's physical security manufacturer in this world of converging technologies.
"It is not a question of who will win the battle of convergence - the IT department or the corporate security personnel," said Chlimper to an audience that featured a high number of information security directors. "The lines have already been drawn. Physical security will handle the hardware and IT will control the information and the network. But that is not to say they will not have to work in a spirit of tight cooperation."
Chlimper reminded both sides of the house that IT has been using physical security for years and may not have realized it. He noted that hard-shelled strategies are used by IT to protect data centers and their IT hardware. When pressed with questions about open systems and security standards in the physical world, Chlimper was equally as candid.
"As physical security vendors, we don't know what we don't know when it comes to software," said Chlimper. "One thing we do know is that creating an environment where we will all live in a world of open standards won't happen as long as traditional physical security companies own the market. But that is not a bad thing," explained Chlimper. "Interoperability can exist with a proprietary twist. At the end of the day, manufacturers want to be able to offer different flavors of security. It is that difference that we sell."
Chlimper did make it clear that it is of paramount importance that systems communicate with each other and that hardware between systems is compatible, flexible and expandable. He cited that if current manufacturers don't heed the wishes of its end-users, software companies like Cisco or Microsoft could present real threats to the marketplace.
The schedule for 2006's SecureWorld Expo/Conference is set with eight cities on the circuit. Planned stops for '06 include Boston (March), Philadelphia (April), Atlanta and Chicago (May), Detroit (Sept.), Seattle (Oct.), San Francisco (Nov.) and Dallas (Dec.). Please refer to the events section of SIW to make your plans for these events or check online at www.secureworldexpo.com.
