Convergence in Three Dimensions: What It is, And Why You Need It

Every second, 127 new IoT devices connect to the internet according to Security Magazine. And that’s not including personal devices like smartphones or tablets. The cyber-physical world is here to stay – and it brings with it an ever-expanding attack vector, plopped in the lap of the modern enterprise to try and protect.

Inaction isn’t an option. The negative impacts of a security incident threaten your company’s ability to deliver crucial goods and services, stay afloat financially, protect the health and safety of employees and visitors, and maintain customer trust.  With such far-reaching consequences stemming from increasingly multimodal security vulnerabilities, it’s time to take charge in all directions.

Let’s explore how convergence can help you protect your enterprise – and why it works best in three dimensions.

Convergence is a must

Security is everyone’s concern, but legacy frameworks for governance, risk mitigation and compliance (GRC) have yet to catch up. These frameworks, attached to individual departments, tend to exist in isolation from one another, which in and of itself presents a security risk. Gartner named the push for closing security siloes as one of the top 9 security trends last year due to an uptick in incidents, threats and vulnerability disclosures outside of traditional enterprise IT systems.

Convergence, on the other hand, merges systems, practices and policies so that departments can operate from shared data and coordinate actions related to policy enforcement, risk prevention and compliance measures.

The many benefits of a converged approach

Survey participants identified the following top 5 benefits of convergence:

  1. Better alignment of security with corporate goals
  2. Enhanced communication and cooperation
  3. Shared practices and goals across functions
  4. More versatile and well-rounded staff
  5. More efficient security operations

Don’t go it alone – and don’t converge manually, either

While most professionals recognize the need to bring together the various security functions at their enterprise, they haven’t necessarily sprung into action, either.

In a survey of more than 1,000 professionals with senior roles in physical security, cybersecurity, disaster management, business continuity and related fields conducted by The ASIS Foundation and sponsored by AlertEnterprise, only 24% indicated that they had converged physical and cyber security functions. (Of those that did converge the two, however, 96% reported experiencing positive results.)

Part of the problem is that many companies still insist on integrating their systems manually – which is the equivalent of trying to build a smartphone by wiring together a pager, camera and flip phone. But with the right partner – and the right integrations – convergence can happen without a rip and replace or a Promethean in-house effort.

Make it three-dimensional for maximum impact

Even as leaders begin to recognize the value of convergence, they’re generally still only gaining visibility in two dimensions, rather than three. Why? Because they’re focusing on joining cyber/IT and OT security functions by replacing the historically isolated GRC frameworks that govern both. But a truly effective approach requires a third dimension – the inclusion of GRC as it pertains to physical security. Plus, as a subset of the IT side of convergence, companies should make sure they’re actively incorporating HR GRC. The human resource department typically houses a company’s workforce identities and core employee data – which determine both digital and physical workspace access.

A three-dimensional approach to GRC brings together IT/HR GRC (like SAP), OT GRC and Physical GRC to create one converged solution for coordinated threat detection and response practices across your enterprise – no matter how large or complex.

Close silos, clarify discrepancies – and create a single source of truth

3D GRC affords your organization the opportunity to identify and eliminate security gaps between physical and digital workforce systems. From there, you can create one consolidated view of workforce identities, threat detection and access-related data. As a result, when there’s an issue, everyone works from the same information.

In contrast, when different GRC frameworks operate in silos, departments are more likely to deploy misaligned solutions because they only have a fragmented perspective of the problem. 3D GRC can help your organization identify root cause faster and move as one to mitigate potential risk.

Solve more business problems – together

Eliminating silos and strengthening your company’s security posture are just the beginning of what you can achieve with 3D GRC. When all three functions move as one, tackling pressing business challenges becomes much easier. Here are just some possibilities:

  • Automating employee access to digital and physical workspaces according to regulations and company policy – from hire to retire.
    Accelerating and streamlining onboarding and offboarding for all employees (including contractors).
    Empowering employees with self-attestation solutions to reduce troubleshooting burden on physical security and IT.
    Saving on invoices by precisely tracking when contractors enter and exit field sites.
    Digitizing safety procedures and automating visitor authentication for added efficiency.

Explore 3D GRC with AlertEnterprise

It’s time for everyone to come together. We can help you do it using your existing systems. Let’s talk about how we can help you automate 3D GRC so OT, physical security and IT – including HR – can work together for your enterprise.

Let's chat.

David Cassady

Chief Revenue Officer

David Cassady has been selling and leading sales teams in Silicon Valley for more than 30 years. During that time, he’s led a mix of established software players and startups. Cassady has also been involved with five IPOs — and at least as many acquisitions.

As Chief Revenue Officer, David leverages his extensive experience helping software businesses drive growth through skill-building for cloud and SaaS-focused teams. Together with the AlertEnterprise team, David is focused on the intersection of a repeatable sales process, a predictable pipeline and a multi-channel go-to-market strategy that includes physical security system integrators and SAP — all with the goal of driving explosive growth for the company.

Mark Weatherford

Chief Security Officer
Senior Vice President, Regulated Industries

Mark Weatherford brings years of high-level cyber-physical expertise to AlertEnterprise, and as Chief Security Officer (CSO), he guides the strategy of data management and protection by advising cyber-physical security policies and procedures within the company. Weatherford also works in liaison with businesses and executive professionals in the cyber and physical security industries to further accelerate security convergence adoption.

Mark has held numerous high-level cyber-centric positions, including Vice President and Chief Security Officer at the North American Electric Reliability Corporation (NERC), the Department of Homeland Security’s first Deputy Under Secretary for Cybersecurity under the Obama administration, California’s first Chief Security Officer, and the first CISO for the state of Colorado.

Harsh Chauhan

Chief Technology Officer

As Chief Technology Officer (CTO) of AlertEnterprise, Harsh Chauhan is responsible for the company’s engineering technology innovation and solution delivery. A 20-year technology veteran and leader, Chauhan is focused on the growth of the company’s 3D Governance Risk Compliance (GRC) hyperscale cloud platform.

He also continues to develop integrated solutions with leading technology partners like SAP, SAP NS2, and ServiceNow. Before AlertEnterprise, Mr. Chauhan held multiple CTO positions, as well as Product Owner and Head of Development at SAP GRC 10.0, delivering targeted solutions to high-profile SAP clients.

Ruby Deol

Chief Operations Officer

Ruby Deol oversees all business units at AlertEnterprise. With more than 20 years of experience in global sales and support services, Deol nurtures existing client relationships with a customer-first approach. As AlertEnterprise continues to grow in industry recognition and stature, Deol is charged with developing and implementing methods to meet organization goals and facilitate the company’s ongoing transformation.

Kaval Kaur

CFO and Co-Founder

As Chief Financial Officer (CFO) and Co-Founder of AlertEnterprise, Kaval Kaur leads all finance and administrative back-office operations. Kaur is a member of the national professional organization American Institute of Certified Public Accountants (AICPA) and the California State CPA Society.

Prior to joining AlertEnterprise, she was the CFO and Co-Founder of Virsa Systems, a position she held until its acquisition by SAP.

Kaur is a philanthropist at heart, embracing the diversity of the San Francisco Bay area by assisting with and promoting special cultural events. She recently sponsored 2,000 public schools in rural India to advance computer literacy skills for children and is a foster mother to a 10 year old.

Jasvir Gill

Founder and CEO

Leading the charge of digital transformation and security convergence is Jasvir Gill, Founder and CEO of AlertEnterprise, Inc. An accomplished engineer by trade, Gill is driving the long-overdue digital transformation of the physical security industry.

Prior to launching AlertEnterprise, Gill was the founder and CEO of Virsa Systems, where he grew the company into a global leader of application security software. An early pioneer in establishing governance, risk and compliance as a software market segment, he drove exponential growth at Virsa, facilitating its acquisition by SAP in 2006.

In his free time, Jasvir helps drive social and economic empowerment in the community. He’s also a trustee at the American India Foundation.