Cyber-Physical Convergence is Happening, But Not Fast Enough


A common sentiment amongst risk professionals is that employees and institutions would be safer if their groups carried closer working relationships with other departments. Recent data suggests that this belief is widespread across organizations, not just those in physical security. 

Executives in cybersecurity, IT, human resources, physical security, and legal and compliance departments were surveyed as part of Ontic’s 2022 Mid-Year State of Protective Intelligence Report, with a majority suggesting that many threats that disrupted company continuity could have been avoided if teams were able to work in tandem, seeing and managing threats in a shared environment. This data echoes a report produced by the United States Cyber & Infrastructure Security Agency United States Cyber & Infrastructure Security Agency  (CISA), stating, “When physical security and cybersecurity divisions operate in silos, they lack a holistic view of security threats targeting their enterprise.”  

CISA’s findings indicate that lack of joint security operations is more likely to result in “successful attacks” leading to “impacts such as compromise of sensitive or proprietary information, economic damage, disruption of National Critical Functions (NCFs), or loss of life.” However, Ontic’s data uncovered positive signs of cooperation and convergence as a majority (89%) of cybersecurity and IT executives agree their company is actively consolidating their multiple threat intelligence, data analysis, and reporting solutions.

But is convergence happening fast enough to be effective? 65% of cybersecurity and IT professionals respondents at public companies said they only recently started to include security threats such as cyber-physical, supply chain, and remote work vulnerabilities as risk factors in their public filings. So, the question isn’t whether teams want to work together but how to maximize that cooperation, contributing to the company’s strategic goals.  

A good starting point is for risk teams to have conversations about what threats they are focused on – taking time to understand each other’s monitoring requirements and identify those that are sacrosanct to all. Groups operating in silos often face overlapping risks. Cybersecurity teams, for example, are acutely aware of insider threats and what those pose to IT assets, data security, and intellectual property. But the same risk factors digital protectors are looking for are also on the radar of physical security and human resources teams.

By having inclusive discussions across departments, you should be able to develop a risk picture from a strategic, all-hazards perspective and start to drive a common operating language.

Look at the tools and data available within the enterprise. How can you map those to the organization’s risks? What data points collected by legal and compliance teams might be valuable in cybersecurity and physical security teams? Doing this will drive the concept of common operating information across groups that face and manage threats in the company’s structure.

If your organization can log that data, like those indicators of risk, into a single platform, it can be tracked when needed, and analysis will be accelerated across the organization, leading to fewer missed threats. 

Leaders should drive discussions about triggers that cause decision-making. When and how should analysts escalate an issue? When should the cybersecurity team check in with HR about an employee’s behavior? Answering these questions and putting processes in place to help will increase your ability to respond proactively to threats and create a common operating picture for executive decision-makers.

The complexity of the threat environment facing companies is increasing, and the amount of threat intelligence data (and telemetry) continues to be immense. The only way for companies to respond effectively is for risk leaders to obsess on a working environment that promotes joint information and language, leading to a common operating picture that gives a comprehensive view of ongoing threats and provides decision-makers a holistic threat picture from which they can make the best-informed decisions.

Hear security leaders share insights from the Mid-Year Outlook 2022 State of Protective Intelligence Report in our on-demand webinar. To learn more about our findings, download the report here.