Something big is coming to ISC West Booth #13115
Every second, 127 new IoT devices connect to the internet according to Security Magazine. And that’s not including personal devices like smartphones or tablets. The cyber-physical world is here to stay – and it brings with it an ever-expanding attack vector, plopped in the lap of the modern enterprise to try and protect.
Inaction isn’t an option. The negative impacts of a security incident threaten your company’s ability to deliver crucial goods and services, stay afloat financially, protect the health and safety of employees and visitors, and maintain customer trust. With such far-reaching consequences stemming from increasingly multimodal security vulnerabilities, it’s time to take charge in all directions.
Let’s explore how convergence can help you protect your enterprise – and why it works best in three dimensions.
Security is everyone’s concern, but legacy frameworks for governance, risk mitigation and compliance (GRC) have yet to catch up. These frameworks, attached to individual departments, tend to exist in isolation from one another, which in and of itself presents a security risk. Gartner named the push for closing security siloes as one of the top 9 security trends last year due to an uptick in incidents, threats and vulnerability disclosures outside of traditional enterprise IT systems.
Convergence, on the other hand, merges systems, practices and policies so that departments can operate from shared data and coordinate actions related to policy enforcement, risk prevention and compliance measures.
Survey participants identified the following top 5 benefits of convergence:
While most professionals recognize the need to bring together the various security functions at their enterprise, they haven’t necessarily sprung into action, either.
In a survey of more than 1,000 professionals with senior roles in physical security, cybersecurity, disaster management, business continuity and related fields conducted by The ASIS Foundation and sponsored by Alert Enterprise, only 24% indicated that they had converged physical and cyber security functions. (Of those that did converge the two, however, 96% reported experiencing positive results.)
Part of the problem is that many companies still insist on integrating their systems manually – which is the equivalent of trying to build a smartphone by wiring together a pager, camera and flip phone. But with the right partner – and the right integrations – convergence can happen without a rip and replace or a Promethean in-house effort.
Even as leaders begin to recognize the value of convergence, they’re generally still only gaining visibility in two dimensions, rather than three. Why? Because they’re focusing on joining cyber/IT and OT security functions by replacing the historically isolated GRC frameworks that govern both. But a truly effective approach requires a third dimension – the inclusion of GRC as it pertains to physical security. Plus, as a subset of the IT side of convergence, companies should make sure they’re actively incorporating HR GRC. The human resource department typically houses a company’s workforce identities and core employee data – which determine both digital and physical workspace access.
A three-dimensional approach to GRC brings together IT/HR GRC (like SAP), OT GRC and Physical GRC to create one converged solution for coordinated threat detection and response practices across your enterprise – no matter how large or complex.
3D GRC affords your organization the opportunity to identify and eliminate security gaps between physical and digital workforce systems. From there, you can create one consolidated view of workforce identities, threat detection and access-related data. As a result, when there’s an issue, everyone works from the same information.
In contrast, when different GRC frameworks operate in silos, departments are more likely to deploy misaligned solutions because they only have a fragmented perspective of the problem. 3D GRC can help your organization identify root cause faster and move as one to mitigate potential risk.
Eliminating silos and strengthening your company’s security posture are just the beginning of what you can achieve with 3D GRC. When all three functions move as one, tackling pressing business challenges becomes much easier. Here are just some possibilities:
At Alert Enterprise, trust is at the center of everything we do. We bring people, processes, data and technology together in true security convergence.
Subscribe to our newsletter:
Subscribe to our newsletter:
Chief Strategy Officer
David Cassady has been selling and leading teams in Silicon Valley for more than 30 years. During that time, he’s led a mix of established software players and startups. Cassady has also been involved with five IPOs — and at least as many acquisitions.
As Chief Strategy Officer, David leverages his extensive experience helping software businesses drive growth through deep and impactful partnerships with the world’s most successful SaaS providers like ServiceNow, Microsoft and SAP.
Chief Security Officer
Senior Vice President, Regulated Industries
Mark Weatherford brings years of high-level cyber-physical expertise to Alert Enterprise, and as Chief Security Officer (CSO), he guides the strategy of data management and protection by advising cyber-physical security policies and procedures within the company. Weatherford also works in liaison with businesses and executive professionals in the cyber and physical security industries to further accelerate security convergence adoption.
Mark has held numerous high-level cyber-centric positions, including Vice President and Chief Security Officer at the North American Electric Reliability Corporation (NERC), the Department of Homeland Security’s first Deputy Under Secretary for Cybersecurity under the Obama administration, California’s first Chief Security Officer, and the first CISO for the state of Colorado.
Chief Technology Officer
As Chief Technology Officer (CTO) of Alert Enterprise, Harsh Chauhan is responsible for the company’s engineering technology innovation and solution delivery. A 20-year technology veteran and leader, Chauhan is focused on the growth of the company’s 3D Governance Risk Compliance (GRC) hyperscale cloud platform.
He also continues to develop integrated solutions with leading technology partners like SAP, SAP NS2, and ServiceNow. Before Alert Enterprise, Mr. Chauhan held multiple CTO positions, as well as Product Owner and Head of Development at SAP GRC 10.0, delivering targeted solutions to high-profile SAP clients.
Chief Operations Officer
CFO and Co-Founder
As Chief Financial Officer (CFO) and Co-Founder of Alert Enterprise, Kaval Kaur leads all finance and administrative back-office operations. Kaur is a member of the national professional organization American Institute of Certified Public Accountants (AICPA) and the California State CPA Society.
Prior to joining Alert Enterprise, she was the CFO and Co-Founder of Virsa Systems, a position she held until its acquisition by SAP.
Kaur is a philanthropist at heart, embracing the diversity of the San Francisco Bay area by assisting with and promoting special cultural events. She recently sponsored 2,000 public schools in rural India to advance computer literacy skills for children and is a foster mother to a 10 year old.
Founder and CEO
Leading the charge of digital transformation and security convergence is Jasvir Gill, Founder and CEO of Alert Enterprise, Inc. An accomplished engineer by trade, Gill is driving the long-overdue digital transformation of the physical security industry.
Prior to launching Alert Enterprise, Gill was the founder and CEO of Virsa Systems, where he grew the company into a global leader of application security software. An early pioneer in establishing governance, risk and compliance as a software market segment, he drove exponential growth at Virsa, facilitating its acquisition by SAP in 2006.
In his free time, Jasvir helps drive social and economic empowerment in the community. He’s also a trustee at the American India Foundation.