IFSEC Insider is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
James Willison MA, is a recognised International leader in Security Convergence and Enterprise Security Risk Management. In 2020 IFSEC Global listed James #8 in the top 20 Cyber Security Thought Leaders across the world. Shortlisted in Security Serious Unsung Security Heroes Awards 2018, as a Security Leader/mentor. James is Co Chair, Smart Buildings Working Group, Internet of Things Security Foundation and a member of the ASIS International ESRM Steering Committee. He is founder of Unified Security Ltd, a Vidsys consultant, works with AXIS Communications on cyber security and advises on the IFSEC Converged Security Centre.
James was awarded the Imbert Prize for an ‘outstanding contribution to the Security Industry in 2011’ for his work on convergence with ASIS Europe and the Information Security Awareness Forum. He has more than 20 years of management experience in the physical and information security industry, including posts as Advisor on Convergence to the Mitie TSM Board, Senior lecturer in Security Management at Loughborough University and Digital Security Expert with the European Union. He has co-authored three White Papers and a series of new articles with Sarb Sembhi, sponsored by AXIS Communications, on ESRM, GDPR and Smart Buildings and Cities’ Security.
James Willison, Founder, Unified Security Ltd provides an overview of his published response to the call for evidence from the UK Government regarding how the UK can become more resilient to extreme risks and emergencies. James will be speaking on these issues at the upcoming webinar, Protecting Cities, on 22nd June at IFSEC Connect.
In December 2020, The House of Lords Committee on Risk Assessment and Risk Planning published its call for evidence, inviting the public to provide their views on how we can ensure that the UK is as resilient to extreme risks and emergencies as possible.
It identified a series of topics to consider, and Professor Alison Wakefield (one of this year’s judges for the prestigious IFSEC Global Influencers in Security awards) recommended members of the security community contribute their views. I focused on two questions. The following highlights the key points, including why a converged approach to security, encompassing both cyber and physical, is vital.
Are there types of risks to which the UK is particularly vulnerable or for which it is poorly prepared? What are the reasons for this?
What can be learnt from local or corporate risk management processes, or those of other countries? Are there any specific examples of practices, processes or considerations which could improve the UK’s national risk resilience? How could businesses and civil society more effectively support national resilience preparation?
My responses, broken down below, can be summarised as follows:
The risks to which the UK is particularly vulnerable range from fraud, £191 billion lost in 2018, to pandemic disease that has led to loss of life in the hundreds of thousands to cyber war. Fraud has now become a greater risk because of the online activities of criminals, and this is well documented. COVID-19 statistics demonstrate that the UK was poorly prepared compared to countries in East Asia and Australasia. The key reasons for this include the UK’s failure to invest in real time tracking technologies that can integrate with CCTV and other data, such as point of sales transactions. This is what is defined in risk management as IT CAPABILITY.
The UK has CCTV, although it is not always reliable, and it doesn’t integrate it with these other systems.
CYBER WAR is the risk that nations can target the CNI and other organisations with a view to overwhelming the IT infrastructure and combining with physical force cause significant harm. The UK is not prepared for this because siloes exist across the country, with most organisations operating in physical security and cyber security centres.
CYBER ATTACKS on critical national infrastructure. It is worth noting recent advice from the United States which faces the same threat. The US Government Cybersecurity & Infrastructure Security Agency (CISA) is recommending that physical security and cyber security teams collaborate and integrate so that they are unified.
In its report, “The State of Security Convergence” ASIS International lists the key six benefits as:
Better alignment of security strategy with corporate goals
Shared practices/goals across functions
More versatile/well rounded staff
More efficient security operation
Greater visibility and influence with C-suite/board
Enhanced communication/cooperation
The practical outcome of a converged security approach will be the building of CONVERGED SECURITY CENTRES. These have been showcased at the Excel Centre in the leading security exhibition, IFSEC International, since 2018. Here, a real time response to all security risks can be achieved using cyber and physical monitoring provided by advanced physical and digital systems integrating on one platform, so that a physical security officer can suspend a remote vpn connection after checking if the authorised person is on site.
In conclusion, I am calling, as an individual security consultant, for the UK Government to follow the US Government Cybersecurity and Physical security Convergence Guide and also build Unified Security Operations Centres to improve the nation’s IT and Cyber Physical capability.
James Willison will be one of the panellists discussing how we can better protect our cities and public infrastructure at IFSEC Connect on 22nd June. Be sure to join us by following the link below to register for free.
Keep up with the wireless access control market
Download this free report to find out more about:
The current state of wireless access control solutions in the market
The rising popularity of mobile access control
Awareness of cyber security regulations and how this relates to access control
The growing use of the cloud and ACaaS to manage access systems
How your choice of access control solution can impact sustainability
Why the UK should adopt a converged security approach to improving resilienceJames Willison provides an overview of his published response to how the UK can become more resilient to extreme risks and emergencies.
James Willison
IFSEC Insider | Security and Fire News and Resources
Related Topics
Bringing balance to security risk management – “Let’s fix the wobbly chair!”
How do you protect access management systems in a connected environment? With a converged security centre of course…
What is credential theft and why should physical security professionals care?
My responses, broken down below, can be summarised as follows:
